NSA backdoor creates security hole in Windows

A number of people have written in with the news that Cryptonym has found an apparent backdoor for the NSA (called NSAKEY) in all current versions of Windows. However, you can open this backdoor yourself and install your own strong cryto module in place of the built-in one. More details are also online, but to be quite frank, we aren't quite sure on this one-so, if you're more qualified comment, please do so below.Update: 09/03 11:19 by H :Thanks to Jens Hillman for more information from the German Chaos Computer Club. Der Webpage ist auf Deutsch-Babelfish it.

Re:Is it possible this is a decoy?

[kkenn]

Not quite as bad as that. Check the PGP FAQ which talks about the relative merits of the different algorithms.

Re:Well, this is another argument for getting sour

[MindStalker]

That is exactly why I don't believe in socialist. For some reason government just can't take issues seriously. While in a capitolistic company, every thing that could possibly go wrong is taken with the upmost seriousness usually. (This is one reason I'm not worried about y2k in america)

It's all about control...

[Da+w00t]

I REALLY liked it when windows decided it wanted to run away with (one, just one) of my CPU's on my nice P2 400x2 machine. I tought it right quick -- kill -9 vmware fixed it right nicely.

Re:We let the government decay to a dangerous poin

[Simon+Brooke]

AC writes:


I remember him saying before Waco that the four best police agencies in the world were (in order) the FBI, the Texas Rangers, the Texas Department of Public Safety, and the Mexican Federal Judicial Police.


Every so often someone in the British establishment says 'British [X] is the best in the world'. It's always a sign of a major scandal brewing in [X], whether that's beef, banking or beaurocracy. 'The best in the world' means out-of-touch and complacent, and out-of-touch and complacent is very, very close to corrupt.

Re:That was a theoretical attack

[porkchop_d_clown]

Thanks for the correction - I had forgotten who had actually written the trojan.

--

Re:That was a theoretical attack

[porkchop_d_clown]

First, it isn't FUD, it was done - although (as another person pointed out) it was never released outside AT&T, which contradicts what I had originally read, but I guess Thompson would know better than I what he did with the Trojan.

Second - That doesn't eliminate my main point: There's no reason why someone with access to one of the main GNU distributions sites couldn't pull the same trick off today, by slipping the trojan into gcc.

--

Re:Sorry but that's BULL

[cwilkins]

It was NT3.51, on very specific hardware (A Compaq somethingorother), and C2 orangebook only.

MS has of course used this to imply that NT has been C2 certified -- worded carefully so as not to be an outright lie.

the begining

[discore]

i have a feeling this is just the begining to a lot of government related spying-on-your-computer stuff. we'll see. sure we've heard a lot about it but is it happening now to a huge extent?

Re:the begining

[DrNO]

so, what was all that commentary about excessive parinoia? It seems pretty clear that those of us who tend to trust in governments and big busines's good intentions should revise our opinions.

Re:the begining

[kootch]

in the immortal words of Kurt Cobain:

"just because your paranoid doesn't mean they're not after you."

Re:the begining

[discore]

oh im not neccisarily paranoid about it. i don't have too much to hide on my windows box. it's just interesting that the government wants to know what's on everyone's computers really badly for some reason, and it's obvious they are willing to go to quite excessive lenghts to get it. is that a government that should be trusted? one that can't even trust its people?

One more nail in the coffin...

[Space+cowboy]

*If* this is true (I don't have Windows, so I can't try and check!) then surely its one more reason for Linux to be trusted over Windows. Or (more accurately) for open source to be trusted over closed source.

Re:One more nail in the coffin...

[Analog]

Lessee, that would make nearly 3 million people in the US alone, over 50 million worldwide, and all it takes is one to find it and say something...

Re:One more nail in the coffin...

[Ralph+Wiggam]

I agree with you, but you're forgetting one thing. I trust that 1% of folks because they have no financial, legal, political, or nationalist ties to any one entity. If any one of the people in that 1% finds something shady going on, they have the ability to bring the whole world's attention to it (read: slashdot.org). I have one semester of C training and as far as I'm concerned, the Linux kernel code is complete giberish. Still, I trust it because a group of brillaint, nerdy guys I don't know are checking it out for me.
When you get a group of people with shared ties writting code (in this case financial and political) where it would not be in thier self-interest to cry wolf, you end up with interesting situations like this one.

skepticism note: I would not be suprised if this story was either an anti-MS hoax pulled by some fanatical open source group or if the naming scheme is a joke from a 25 year old programmer at MS and has nothing to do with the National Security Agency.

-Barry

Is it possible this is a decoy?

It was easy to discover so maybe it's just a coverup for something larger NSA put in there, which is still active? Good thing this can't happen with Open Source software like Linux!

Re:Is it possible this is a decoy?

[um...+Lucas]

According to the PGP manual distributed with the binaries, MD5 is just about completely broken... Meaning that it is possible to generate new text that conforms to the old signature. The alterntive is SHA, developed by: the NSA...

I guess it's a battle of the lesser of two evils, broken implentation vs. strong implentation written by the organization that everyone seems to love to hate

Re:Is it possible this is a decoy?

[dirty]

Does anyone else rember the ComBot backdoor? Basically what happened was ComStud, the guy who wrote ComBot (an irc robot) put in a few lines of code that allowed him to have full access to the bot. It wasn't 100% obvious what was going on because the backdoor was placed in two files (one part copied the crypt()'d version of "HAQD" into a global string w/ the comment /* Don't ask, it works */). This was located in main.c. The other part was located in ctcp.c which would crypt() the first word of the ctcp command and if it matched the other string it would treat the command as if it came from the owner of the bot. It took a little while to get discovered, but it did.

Basically being open source doesn't prevent something from being back doored, but it does make it harder. Not to mention the ComBot example isn't the greatest, it could have been hidden better.

Re:Is it possible this is a decoy?

[HyPeR_aCtIvE]

Ummm, sorry to burst your bubble but this COULD happen in Open Source software like Linux. Just because it is open source doesn't mean that something can't be hidden within it.

Now granted, the person who is doing the hiding has to be MUCH trickier about doing it ... but still, how many times have you been looking at someone else's source code and said:

"What the @#$% do those 3 lines of code do? Hrmmm, oh well, doesn't look like the section I was trying to find anyway . . ."

Because they are very obscure lines of code, that don't seem to be what you are looking for, so you don't take the time to 'play computer' and try to figure out what they are ...

Re:Is it possible this is a decoy?

[PigleT]

Short answer: I've never said that.

Admittedly I don't exactly read all the source that goes on my machine at all, either though :)
~Tim
--

Re:Is it possible this is a decoy?

[settonull]

> Ummm, sorry to burst your bubble but this COULD
> happen in Open Source software like Linux. Just
> because it is open source doesn't mean that
> something can't be hidden within it.

I agree that it could, but I think it is much less likely. While everyone might not take the time to look at those three lines of code, we don't need everyone to. All we really need is one person to notice and point it out to people.
(this happened recently if I recall, a popular mirror was cracked and code trojaned, but it only took a short while to get things sorted out)

There is also a difference in trust that exists today, though it might not be that way forever. Because of the nature of the people doing the open source work, I have much greater trust in say linus, alan, etc doing what's best for me, than I do in MS or the US gov.

Re:Is it possible this is a decoy?

[dattaway]

Yes, this is true. *Always* check the md5sum of those popular packages against multiple mirrors. That would not protect you if the source was intercepted before it was mirrored, but that's what we get when our pants get caught down without widespread authenticication and encryption. Its a war. Corrupt organizations (I won't mention the NSA) might win and sooner than you think.

Fix it yourself?

[MrPlab]

If you can fix it yourself

Well, that's almost impossible for half of the Windows population.. and hardly possible for people who know what they're doing :)

How come I'm not surprised when I hear about more and more backdoors in Windows?

Matt
_____________________________________

Will hasten retreat from Windows

[Sleepy]

I've answered a lot of questions from coworkers, friends and acquaintences regarding Linux as an OS. While most of them "get it" they've had no REAL* reason to run screaming from Windows to Linux

(* By this I mean some compelling reason for overnight change.)

Previously, what it would have taken to get these people to switch from Windows to Linux was a more refined Gnome/KDE and a more graphical installer (sorry gui RPM, while powerful, is just too different).

Now they're scared..

Scott

This could be very good for all open OS's.

[Dast]

The fact that some American agency can spy on supposedly "secure" systems in other contries may make their admins think twice about using Windows (or any other closed OS). This is something even the PHB's can't ignore.

I know if I owned a company, I sure wouldn't want NSA taking my company data to help out some American company. Yeah, sure, they are not supposed to, but what is to stop them.

So admins in countries other than US: start looking at open *nix systems. You can actually have some security with *BSD and Linux.

(Heh. Just like America seems to be the last country still holding off on the metric system, it will be the last country still using Windows.)

Re:This could be very good for all open OS's.

[dwmw2]

(Heh. Just like America seems to be the last country still holding off on the metric system, it will be the last country still using Windows.)

Hey - we're doing a fair job of holding off on the metric system here in the UK.

Re:This could be very good for all open OS's.

[Adam+Knapp]

Well it is called the English system.

My 2 bits

[tweek]

It's really kind of sad. I read the article straight from slashdot and not even *I* got the feeling that the NSA had anything to do with this, and I'm one of the biggest anti-ms/government types here at the office. Is this company reputable? Aren't they being stepping rather lightly on the side of slander/libel ( i forget which one applies) on Microsoft? It seems rather irresponsible on thier part. Maybe I'm just feeling semi-pro MS today after reading the Newsweek interview with Bill Gates. At least he's putting his money to good use.

Re:Isn't this illegal?

[Borealis]

If they actually used it to actively spy on people without a warrant then a qualified "yes". Basically it's the same deal as with key escrow, just because they *can* use it to spy does not necessarily mean that they will use it. They are supposed to obtain a warrant before doing that sort of thing.

The problem that most people have is that some government agencies are a little loose about obtaining warrants, or alternatively the judges may be a little too loose about granting them. The very fact that they could be able to access all your data without your knowledge is what riles most folks.

errors

[MacJedi]

No one figured out that backdoor until Microsoft forgot to remove the explicit name NSA_Key in NT SP 5? What kind of joke is this? Or is it a programmer at Microsoft that's covertly working for the Open Source movement? :)

It could be a joke. It could be nothing at all. But why are there two keys- and why was this kept hidden? Sure, if it is the NSA that has backdoored Windows- that is a Bad Thing(tm). But I don't care if a janitor that put it in there- a backdoor is a backdoor is a backdoor.

Also, I think that this would be exactly the way that the NSA would invade our privacy- through collusion. Why spend the time cracking an OS when you can have Bill and his boys save you the trouble? If you need another example, look at Echelon. Don't spy on your own people, spy on the others and trade the information. Same idea.

It's a decoy. The NSA has a backdoor somewhere else, much less obvious, and this is meant to make us believe the NSA backdoor has been found.

This is a real possibility, but I don't think so. Why bother making a decoy if the source is closed? We may have never found it had not someone droped the ball with SP5. I'm not saying there aren't other backdoors elsewhere, for all I know the entire TCP/IP stack is rigged, but thanks to closed source and unethical collusion it's likely no one will ever know.

You know, many of us like to bash M$

[EXpunk]

And not without reason, certainly. OK, here is another problem with a Microsoft product, big shock. Hotmail had a "back door", no kidding.

BUT, that does not give anyone the right to be pricks.

Someone I work with was just flamed by another person to whom my co worker had sent a document in an M$ format. The recipient was a Linux user, and the only geeks my co worker has encountered were me and the geeks here (i.e. some laid back MFs)

For many of us there is no alternative, we have to be compatible with other businesses. Yes, there are products that will open Word/Excel documents, but going back again is not always easy. Any of you ever try to open a Claris document in Word 98 on a Mac? It gets all buggered up.

Spreading the Linux/Unix gospel would be _much_ easier without people being smeg heads about it when someone uses a different platform. You want a Mac? Be my guest. You think Win98/NT is the bees knees? Knock yourself out. You want a powerful, stable

All we do when we flame people for standing up for M$ or using their products is make the Linux/Unix community look bad, like childish, bad tempered simpletons. It is counter productive to flame, mail bomb, or crack someone for using or liking another product.

Here is a neat idea. Before you write that flame, pretend that person is right in front of you. Or better yet, remember that it makes YOU look bad.

*rant mode cancel*

Sorry, I just don't understand why people who would otherwise be perfectly polite and cool suddenly become total a**holes over really stupid smeg.

blah blah blah, I'll shut up and drink my beer :)

Re:You know, many of us like to bash M$

[Greeno]

Sit back and let me buy you a cold frosty one.... Nice to see some sense in the advocacy of Linux. I have to use MS at work - and for the most part it does what it's supposed to do (when its up). Whenever people flame MS worshipers it just makes them put up the barriers and retaliate in kind..... Still, its Friday and it's hometime. TTFN Guys&Gals Have a good weekend.

Re:You know, many of us like to bash M$

[despair]

Amen to that. I'll advocate Linux to Windows users because I think it is a better alternative in most cases (but not all!), but I'm no zealot. At a guess, I'd say that most of the "Linux/BSD is the best. Everything else sucks!" people are all fairly new to (less than 5 years of experience with) their oh-so-holy OS. How often do you see old-school BSD or Linux hackers flaming the shirt off of a Windows user? Never? How often do you see them flame other unix-like OS users based on which OS they have chosen to use? Never? Like I mentioned before, I like Linux (haven't tried a BSD though). It is unfortunate that the majority of the vocal Linux community has the attitude that 'Linux is better than Windows, so it must be better than everything else,' along with 'Windows users are stupid.' Like people have mentioned before, they may only have Windows boxen at work, so to send something as an MS Word document may be the only option for them. Before you blast the next person who sends you a Word document, remember that while they may be limited to specific OSs at work, at home (and in their hearts) they may be a Linux bigot just like you.

Re:You know, many of us like to bash M$

[Masem]

Amen. I don't care for Win9x (and if you read the article, the 'backdoor' is in there as well), but I have to use it because of my chosen profession. Plus, I like to play games. Sure, Linux is great for everything else, but until it gets a *FULLY* compatible Office app, and a tons more in terms of recent or coreleased commercial games, I cannot get rid of Microsoft products.

Re:You know, many of us like to bash M$

[H0ek]

I agree. Most long-term users of Linux that I know are confident in their "Linux"-hood ;-) I guess you would be too if you had to install an entire operating system from a two-foot stack of floppies. But I digress. What am I worried about with Micro$oft security problems? I have no secrets. My life is Open-Source ;-)

Re:Computer "BUG" (NSA listens in)

[Jimhotep]

I've read that phones can be listened to
even when on the hook

but I'm just crazy

NSA key to read Windows?

[malkavian]

We have here a widely known security agency, which, I get the strong impression, could pull on the skills of some very competent crackers should it be required to... And a notoriously insecure OS. Why on earth would they need a back door?? If these guys want in, they'll get in, and work out a tool to do it to any machine they care to name... Just doesn't make sense.. I'd assume the key refers to something else with the same acronym. Malk

CryptoAPI pretty pervasive

[MenTaLguY]

How many people actually USE the cryptoAPI? It seems to me that unless you're using this stuff, all of this has no effect.

Pretty much everyone and everything under Windows, directly or indirectly ... ActiveX code signing, Outlook, Internet Explorer ... authentication, I think ... you name it.

Berlin-- http://www.berlin-consortium.org

Re:We let the government decay to a dangerous poin

Good you mentioned the FBI. I have a lot of respect for and know a lot of old FBI agents by virtue of my father, who was one himself. The difference between the old guys and the new guys is night and day. Waco would never have happened when the people that Hoover had in were running the place -- they would have grabbed him jogging, and gotten a warrant and served it politely and firmly. Torching women and children was inconceivable. I remember my father's reaction -- he didn't say a word for almost a week.

I don't care if Hoover did spend his leisure time in a nice Chanel day-to-evening and tasteful-yet-daring Ferragamo pumps -- he got in and kept good people who did real detective work. They went out and they detected. And having known quite a few of them, I have to say that they were remarkably good people, in an absolute sense of good. The didn't lie, cheat, or steal. They were good to dogs and children. They were morally inflexible, but that was understandable. I don't know what happened to those people and people like them.

Lately, with the lastest unpleasant revelations about what ever the Hell happened in Waco, there has been a lot of footage of the Texas Rangers testifying before Congress. They are big, fat, sneaky-looking rednecks. They are probably vicious and quick on the trigger. And damn but they do look like good detectives. Where the attorneys for the FBI keep saying things that don't make sense, the Texas Rangers are direct and clear and so obviously in contempt of the FBI that it is hard for me to watch it.

My father is not around to see this (pancreatic cancer), but I remember him saying before Waco that the four best police agencies in the world were (in order) the FBI, the Texas Rangers, the Texas Department of Public Safety, and the Mexican Federal Judicial Police. After Waco, he never brought it up again.

The iron law of beaurocracy is that only first rate people promote first rate people. Second rate people promote third rate people, third rate people promote fourth rate people, and so on. I think that it is time for housecleaning in at least one are (the FBI). Clearly, this can be extended to other places.

Re:Stealth Operation?

[Ivo]

It's in SP4 too. But in SP4 they removed the debug symbols correctly so that you can't *SEE* it.

In SP5 they made some mistake, due to which the alleged backdoor can be seen.

I still don't believe it's really a backdoor though until I see some proof of that, but hey, it's nice pro-Linux press. :-)

Greetings,
Ivo

Some NSA backdoors are explicit

[Paul+Crowley]

First, this is being presented at Crypto '99, not Def Con Two. It's peer reveiewed, guys, it's pretty much bound to be legit.

Second, every copy of Lotus Notes carries an explicit NSA backdoor, called the "Cryptographic Differential Work Factor". Essentially the point is that part of every secret key is encrypted with the NSA's public key, so where we would have to brute-force 128 bits to get in, they have to brute force only 40. So there's precedent; it's not as implausible as some people here seem to think. It may not be a back door in the simplistic way some people are thinking of, though.

The algorithm the guy used to find the key is documented in Adi Shamir and Nicko van Somoeren's paper "Playing Hide and Seek with Stored Keys" - you can find a link to the paper here alongside my implementation of the technique described.
--

Re:Comedy of errors

[Shafik]

Good points but:

4) The NSA just wants to make it easy for them and
if MS didn't screw up probably no one would know. Who the hell wants to hack into a box
when you can have a backdoor. Also there is
nothing saying a foriegn agency of some sort
couldn't make NT less hackable, although
IMHO they would be using Unix in first place
but you never know.

Of course this assumes the who thing is really what it looks like.

who knows these days, eh?

vmware

[shaldannon]

if you're trying to avoid windows, don't run vmware...all vmware does is act as a virtual machine...you still have to run 'doze on top of it...


Who am I?
Why am here?
Where is the chocolate?

Re:vmware

[slackergod]

yeah, but with vmware you can slap windows into a virtual network, behind a linux firewall, which you can control absolutely with ipchains, etc.

Re:Encryption is needed now!

[wings]

Let's see...

First Microsoft uses questionable business practices to monopolize the market, and the government is a little slow in acting upon that, ensuring Microsoft products like Windows and Office are installed on most of the world's PCs.

Then we see articles like this: Feds Want Access to Your Machine where the Government wants to make it easer to search for passwords and override encryption using 'devices, if necessary'.

And third, we find that (if this is true) function calls to make access easier may already be installed on Windows computers.
wings

Re:Encryption is needed now!

[bnenning]

It always amuses me when anti-anonymity posts come from ACs...

Re:Isn't this illegal?

[Jimhotep]

Any part of the government can do
anything it wants to.

It's a free country.

mama if that's moving up then I'm moving out

[G27+Radio]

I hate my apartment. Yeah, it's in a nice neighborhood and all, but it sucks that:

a) The leasing company owns it, I just pay to use it.

b) The leasing company has a key which they use to enter my apartment with or without my consent.

c) They take their sweet time about fixing stuff.

If someone were giving away free land with housing on it I'd move in a nanosecond because:

a) I would not have to continually pay the leasing company rent despite shoddy maintenance.

b) No one else gets a key unless I give it to them. I still can't stop a determined government agency from barging in, but at least they can't just waltz in because the leasing agency doesn't mind handing over my key.

c) I'll deal with mowing the lawn myself especially if the house is well built and helpful neighbors take care of fixes/improvements in a timely manner--free of charge no less!

I'm not exactly hopeful that I'll find such a situation, at least not in RL.

numb

Re:mama if that's moving up then I'm moving out

[nstrug]

Umm, I don't know where you live, but generally a landlord cannot enter your apartment without your explicit consent unless in an emergency (fire, leaking pipes etc.) If they do, change the locks and charge it to them. Go to your city hall - they usually have a leaflet called 'Tenants' Rights'.

Nick

Re:mama if that's moving up then I'm moving out

[Slur]

The post was an analogy about Windows NT.
An analogy compares one thing to another.

Yeah, I'm a Mac programmer. You got a problem with that?

We need verification!

[DerMarlboro]

I agree with the folks who are saying that the link to the National Security Administration is a weak one. NSA could stand for anything. But it is definitely a serious enough matter to warrant further investigation. How can we verify the nature of this key? Are there any MS or NSA contacts out there that know anything? Can we find any case of the NSA key having been used to compromise security? Can we find use of the NSA key anywhere in Windows code? Anyone thought of asking the big-wigs at MS to explain the meaning of the NSA key? Can we get this into the mainstream press, and force a statement from Microsoft?

Re:We need verification!

[Ender+Ryan]

As if that would do any good! Microsoft would just make up some story, or say it was one of their programmers (who they just fired for it) playing a joke.

Gimme a break, we will most likely NEVER get a decent answer for this.

We are left with only one choice these days if we value our privacy, use an Open Source OS, like Linux or *BSD.

I'm not even a Linux advocate, or an OSS advocate, I just use whatever works for a given job. Interestingly enough, Linux works for almost everything I do(except games dammit!).

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[ejay]

The phrase "If you ain't breakin' the law you ain't got nothin' to worry about" was one used frequently by government snoops during the McCarthy era witch hunts.

And you will hear Nazis uttering similar phrase too in old grade B black and white melodramas.

If you are not doing anything illegal then the government does not even have the right to inquire and we need to make sure it stays that way.

Yet another reason to abandon Micro$oft. Real operating systems don't need mice.

Menwith Hill

[acb]

Distance has little to do with it... all your traffic would go through Menwith Hill if you lived in Istanbul, Helsinki or Cairo. They watch all of Europe, North Africa and the Middle East from there.

Re:Shocking

[Enoch+Root]

Why don't we stick to Microsoft bashing?

Oh, and miss the golden opportunity of a story to put X-Files to shame? It's all really obvious to me.

JFK Jr. knew about it, and tried to counteract the NSA by flying away to Mexico in a plane. Now, the NSA were afraid, so they contacted Naval Intelligence, who downed JFK Jr.'s plane by using the HAARP project and a bit of plutonium from Cassini.

But fortunately, the aliens infiltrated Microsoft (not that it's hard) and they mind-controlled the programmer to put the REAL key value of NSA_KEY in place! And it's up to the Linux community to save the world and provide strong crypto to dolphins to they don't end up in the FBI's tuna salads.

It's not because it's false that it ain't fun. :)

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Off-Topic, but really funny...

[Morendil]

The German Webpage has the following phrase :

Die von Microsoft für Programmierer zur Verfügung gestellte Anwendungsschnittstelle für Verschlüsselungsfunktionen, die sog. "Crypto API"

where the last few words actually mean "the so-called Crypto API" (and are short for "die sogenannter Crypto API"). This is translated by BabelFish as

The application interface for encoding functions, provided by Microsoft for programmers, which sucked. "Crypto API"

which is in fact a very quite appropriate translation, even if it is right for the wrong reason... ;)

One assumes "sog" is the past perfect conjugation (sp?) of a verb that actually means "to suck" in a more or less literal sense.

Re:Computer "BUG" (NSA listens in)

[sanderb]

I've read that phones can be listened to even when on the hook
but I'm just crazy

No, you're not necessarily crazy.
The way I remember it here in the Netherlands a group of criminal defense lawyers complained about a year ago. In a lot of their cases a phone tap was authorized against (suspected) criminals, after which the police reports mentioned that the phone was accidentally off the hook while criminals were chatting (not on the phone mind you, just in the room) about their endeavours.

The lawyers thought, 'hey our phones are never off the hook, why are our clients so clumsy!'.

So some independent institute (not Mindcraft) did some tests and as it turns out for a lot of phonenetworks in the Netherlands, when you put a high frequency directly on the twisted pair line, you can listen in even when the phone is on the hook....

Re:My God, It's a global conspiracy!

[Jburkholder]

You might wanna go back and try that with NSA, CIA FBI and AT&T also! ;-)

PGP

[Hellsson]

Does this NSAKEY thing apply, in any way, to use of PGP from Network Associates?

NSA isn't the bad part

[Bookem+Danno]

yeah it's possible that MAYBE the NSA has this key and blah blah blah.
but think about this - you can remove it.
so basically a new key can be loaded into your computer to allow non-authorized CryptAPI calls to be made.
Does anyone else find this very disturbing?
I don't know if i'm catching the doc right or not, but couldn't a trojan progam be loaded overwriting the NSAKAY variable to a new key, which could then authenticate a certificate for some no-name site that could then, when you visit it, install apps on your computer at it's choosing?
again - to busy to go into the details of the doc - so i appologize if i'm completely mistaken.
well back to work now

Re:NSA isn't the bad part

[bookemdano]

Whoops. Sorry, man.

Didn't see that there was another Bookemdano (more
or less here). You got dibs, I'll change to another alias.

Re:NSA isn't the bad part

[Jack_Lord]

He back, 'bra.

Why the NSA would do such a thing?

[SyscoKid]

Becuase of all the lil' script kiddies cracking abunch of sites... And the fact that alot of classified information has been obtain through a windows operating system..

Re:Running screaming to Linux?

[Phrogman]

What I plan on doing is redesigning my system layout so that it is a dual-boot Linux/Win98 system, with nothing important under Win98 because it will be there solely for the purpose of playing games (which is about all its good for it seems), and all of my personal information, and written materials safely over on the linux side (and now it seems, probably encrypted as well). I don't have anything to hide from anyone in particular, but I sure dislike the idea of a foreign government agency (I am Canadian) being able to pry through my information, without my permission and in complete violation of the law.

Mind you the US is heading towards becoming a World Empire anyways - First Echelon, now this bs.

Linux Here I come, full steam!

The downloadable "fix"

The organization that found this has provided a fix available for download that removes the NSA key. My question is, whose key did they replace it with, if any? Their own perhaps.

No.

[kuro5hin]

I thought it was illegal for the NSA to spy domestically? Or is that just the CIA.

No laws apply to the NSA. Seriously, I'm not making this up. They cannot even be compelled by Congress to officially admit they exist. They are simply, by charter, not under the authority of anyone (as far as we know, of course. And "Charter" is kind of a vague word here too-- no one outside the agency is really sure what their charter is, as the only document that could be called their "charter" has never been released to anyone, either). And SIGINT is their business, wherever the SIG's may come from, or go to. For the most part, they've tended to view their mission as foreign intelligence, but they've certainly not been above domestic snooping when they feel it's in their interests. Not to mention their collection of domestic data for foreign countries and turning it over unexaminied (UK/USA). Big Brother is most definitely watching.

Re:We all knew MS was looking in on us...:)

[alumshubby]

It's not all that hard to envision somebody from NSA being introduced to somebody from M$, and after a drink or two, discussion rolls around to those twin hobbyhorses, Terrorism and Narcotraffic. "Hey, you could really help your country out here by just putting in this little bitty ol' hack..."

If you really like conspiracy theories, here's the quid pro quo: "We can talk to some people (read: harrass or coerce some people) at DOJ to cut you guys some slack on the antitrust thing -- you know, slap-on-the-wrist, admonish you to play fair, just enough to satisfy the media that Justice Was Served [Commmentor's note: I mistyped "Serviced" at first], and you guys can get back to business as usual."

Get the word out NOW!

[mcdett]

Don't let this slip by. Tell everyone you know and help them to understand the implications of this. We already have several smaller news organizations trying to get a comment from M$. IF the word gets out and the bigger news organizations start to care we will all benefit.

Re:That's just being lazy

[HyPeR_aCtIvE]

If you don't know and don't care to find out what the three lines mean then why the hell are you even worring about how secureyour os is?? What are you going to do trust someone??? Yeah, and like 1000's of other people you get burnt just like them. If I can't see the code, I won't use it on my servers.


Ok, so you personally have looked at every line of code that Linux runs, and have personally verified every single bit of it? If so, I congratulate you ... However I personally don't know anyone who does this.


In fact, the particular case that I was mentioning was if I had a piece of code (Lets say majordomo), and I just wanted to add one neat bit of functionality into it. I'm going to search through the code skimming it to find what looks like the area my code should fall, and insert it there. I'm not going to take the time to fully figure out what all of the program does, just to follow the flow enough to get where I am wanting to be, and I think that most other programmers I know work the same . . .

This is horrible!

[X-Usagi]

You people are talking about how this is good for the Open Source community, and aren't even really expressing the extreme sense of betrayal you should be feeling.

This a horribly wicked infringement on our Privacy and on the Privacy of others.. this had better reach the ears of the populace. For once a wide-spread scare such as as the one that this might incur could actually produce "helpful" legislation, instead of the backwards kind that always seems to arrise from terrible events but actually ends up doing no good... from this we may actually be able to get some good done.

Sure, I am now secure in my Privacy, I am behind a firewall, I'm starting to use SSH, I really only use Linux as my main OS (though I do use Solaris and plan on trying out FreeBSD). However, we mustn't forget our "friends" that use WinX or those we work with.

Monitoring the monitor

[phil+reed]

The exploit is referred to as 'Van Eck' monitoring. 'Tempest' refers to the technology to block this kind of monitoring.


...phil

Re:Monitoring the monitor

[prijks]

shredding the instructions to the shredder...

Re:Come on kiddies....the NSA is MUCH smarter than

[mikej]

It may be a "cute joke", but it appears to be a "cute joke" that radically compromises the security of _any_ WindowsNT system that uses crypto (VPN servers, for example). They've got a demonstration whereby any local user can replace the _NSAKEY value, possibly with one of their own. It looks like a *huge* backdoor. I'd like to see more proof, but I don't have an NT system handy :(

Re:Duh!

[acb]

Face it. If you want to keep a secret, its better not ever go across a wire, airwave or hit magnetic medium.

That won't help; they can just use a SQUID to read it out of your brain.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

Love them Nazi films.

like the line
"your papers"
love that one

say, how many documents are you required to
carry to travel legally in the state I live in?

lets see
drivers license
liability insurance form
car registration sticker
car inspection sticker
license plates

"your papers"

just have to get this in
the Nazi party was "National Socialist"
how could they be "right wingers"?

Spying on American Citizens?

[kevlar]

If we had a truely just system of government, then this would constitute evidence that the NSA was breaking the law and spying on American Citizens. Its one thing if they implement this type of thing in all software leaving the country, its completely different however when 256M people are going to be potentially using the software at one point. As soon as I have some evidence that this is in fact happenning, I'm going to make a couple phonecalls to my congresswoman and senators.

Re:Spying on American Citizens?

[delmoi]

I'm going to make a couple phonecalls to my congresswoman and senators.

then you are very stupid
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:Spying on American Citizens?

[kevlar]

Stupid? First of all, I'm not the one with the hotmail account. Secondly, I'm sure they'd _LOVE_ to know that the OS used by probably 75% of the governments computer systems has information on it which is readable by the NSA, and due to espionage that everyone knows is occurring, readable by the Chinese, Koreans, Russians, etc. Hell, I'm sure the Chinese could brute force the private key, in which case they'd have the same level of access as the NSA.

Re:Well, this is another argument for getting sour

[fReNeTiK]

This post just scared the hell out of me...
--

That's what they want you to think...

[Fict]

I see a lot of people saying "If the NSA put a backdoor in windows, would they really call it NSAKEY?" Well.. Maybe they would, after all no one would expect them to. It would be stupid. Perhaps that's what they want you to think.

------------------

Re:Encryption is needed now!

[dattaway]

I remember a great anonymous remailer in Finland that we used in our college days when engaging in email from from the social newsgroups and getting a penpal. Sometimes being anonymous helps when finding relationships.

I remember that anonymous site getting raided because Scientologists were unhappy about a very vocal critic used that site to post very unflattering things about them. It was an army of lawyers from hell that ended what many thought was a great service. The computer was taken and the logs were no longer secret...

Re:This is nutz!

[um...+Lucas]

This is probably due to laziness on Microsofts part, or due to their marketing drones... I seem to recall the same thing occuring a few years back with Lotus Notes... The domestic version used 64-bit keys, while the "for export" version used 40-bit keys plus a 24-bit NSA key... The end result being that anyone interested in the data would face a 64-bit key (probably considered unbreakable a few years ago) while the NSA would only need to crack a 40 bit key (been breakable for quite a while)... This only applied to the exported versions, though.

Microsoft, in their marketing wisdom, probably chose not to have a domestic version and an exportable version, so as not to taint buyers of the exportable version with notion that it had easily defeated security. Therefore, they kept quiet about it, and did what Lotus did, but for their entire product line rather than just the part that was destined for sale outside the US...

I'd be much more angry with MSFT than the NSA... It's their (NSA's) job to collect information and spy, it's up to the people, businesses, and our gov't reps to try to keep them in check.

The Solution

[AftanGustur]

The "solution" for MS/NSA/Unknown is to move the NSA/Unknown keys to the part of the code that is verified by the MS key.

That way MS/NSA/Unknown still get to use there keys, is will be impossible to remove or change (It will break the integrity test) and No foreign parties will be able to create and distribute Crypto code.

Expect this to be "fixed" in the Y2000 relese.
--
Why pay for drugs when you can get Linux for free ?

Code freeze? Pshaw!

[acb]

Where's the fun in that?

Besides, if you're really paranoid, you'll go for OpenBSD, not Linux.

*What* DES back door?

[Paul+Crowley]

Years of analysis of DES has shown that the only back door in DES was right out in the open: the 56-bit key. Everything we've learned about cryptanalysis in the mean time has shown that IBM (and possibly the NSA) went to some lengths to strengthen DES against attacks we didn't even know about at the time. What are you taking about?

I don't believe any of your three possibilities. I think it's exactly what it seems, and that the NSA like to have their lives made easier.
--

Re:*What* DES back door?

[Enoch+Root]

I did say "alleged backdoor"... I didn't want to cause a panic. :)

I'm talking of the tampering done on the S-boxes by the NSA when IBM sent them over. Cryptanalysis shows that the NSA strenghtened aspects of it, while other aspects seemed purposefully weakened. I don't have the details... It's mentioned in Bruce Scheier's "Applied Cryptography".

Cryptanalysis has shown DES to be secure, but there remains the lingering doubt that the NSA tampered with it on purpose to facilitate their own brand of secret cryptanalysis algorithms. Hey, I'm sure DES has been cracked by the NSA a long time ago. It ain't for nothing that the AES is being selected.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

TEMPEST

[acb]

If it radiates a electromagnetic signal, it's not secure.

Unless your Pilot has a solid lead case, I suspect it's vulnerable.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

Ever do something just to see what happens?

Re:Computer "BUG" (NSA listens in)

[Jburkholder]

Ooooh, and I bet they could grab your web cam and take compromising pictures of you with your girlfriend in bed if the computer is in your room!

And they could remotely install a plug-in to get your keyboard to capture your fingerprints in case you download any kiddie porn, and turn your monitor into an x-ray machine so they can take pictures of your brain while you play quake to tell if you are a potential school-shooter.

Geez, too bad the NSA doesn't have anything better to do than spy on average computer hackers. Guess they got tired of interecpting everyone's email and following foriegn nationals around watching for them to rent u-hauls and buy fertilizer.

Re:NSA Security

[dirty]

It wasn't the NSA, the rating was the "equivalent of a C2 rating" which means absolutely bunk. If it were really C2 Microsoft would have gotten a real C2 rating. And I think all NSA ratings, except D1 which offers no protection require that the machine not be connected to a network and not have a floppy drive. Nothing connected to any network is every 100% secure.

Is my PDA the only private device I have anymore?

[el+bastardo]

Reading through all this, I have come to the conclusion that the only truly private machines left are those that

1. Are not connected to a network
2. Are under the complete physical control of the user, and no one else
3. (Corrolary to above) Never leave the user's sight

The only device I own that (almost) qualifies is my PDA (a Palm III). It never leaves me, and is completely under my control. However, it does occasionally connect to other machines (modem, hotsync). But realistically, this is the only device on which I can comfortably put private data.

What we need is an open-source crypto program for PDA's that can be used to

1. Protect private data even better
2. Be used to beam messages via IR to other users (it's kinda hard to eavesdrop when you're Can you imagine [insert favorite evil entity here] trying to eavesdrop on IR connections? OK, so it's a bit impractical, but it's still a cool idea. Now, if I just had the Palm SDK......

Re:Well, this is another argument for getting sour

[ywwg]

Yay capitalism!

This will be fixed in the next version/SP !

[AftanGustur]

Don't worry, this bug/mistake will be fixed in the next release or servicepack.

All that MS has to do is to include the NSA and the "Unknown" key in the code that is verified by the Microsoft key.

Don't worry, Big brother knows what's good for you.
--
Why pay for drugs when you can get Linux for free ?

Re:Computer "BUG" (NSA listens in)

[FreeUser]

Theoretically they could even do this on systems that don't have microphones attached -- by using the system's speakers. A speaker can easilly be used as a microphone (ambient sound in the room can move the speaker's magnet(s), which in turn produce small signals going up the speaker cable and into the sound card. A little clever programming, loaded into the MS "security" module ... well, you get the idea). Do a little signal cleanup on the raw data and wala -- it may not be 32-bit stereo, but it is understandable.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[kevlar]

If you aint' breakin' the law
you ain't got nuthin' to worry about.


A Man smarter than you once said that, except he used proper grammer. His name was Adolf Hitler and this was one of his techniques at removing privacy and civil rights from the people of his country. Go figure.

Re:Comedy of errors

[Enoch+Root]

Regarding the NSA taking the "easy way in" as an explanation of why they need a backdoor to crack NT:

I think if I were both lazy and resourceful (I know, same thing) like the NSA is, I wouldn't put in a silly backdoor. Even if it's closed-source, it doesn't mean that you won't have tons of security consultants poking around the OS, and let's face it, Win98 source code was available in parts even before it came out. (Or so I remember from warez sites... Feel free to contradict me on this.)

What I'd do is, sit down with Microsoft security experts (tee hee... sorry, couldn't help it) and map out how their own security works. Then, instead of requiring a backdoor in the OS itself, make a small, portable tool that exploits a security hole so obscure that only by being NSA dudes and working with Microsoft can you find it.

And if at some point along the line your security hole is made public, then it's just a silly security hole, not a NSA mole. So you sit down again with MS security (hah hah hah! oops) and find another one.

Am I missing something here? A direct backdoor still sounds like a silly idea to me.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:Computer "BUG" (NSA listens in)

[Jburkholder]

no argument. see my reply to the previous post

NEWS.COM - Mainstream coverage

[Gryphon]

... is here.

Nothing more than a gloss-over news alert at this point, but at least another source is looking at this.

Maybe we can determine whether this is for real or not with a 3rd party verification.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[pal]

he could have, except that historians say germany didn't have nukes while hitler was alive.

Re:Sounds like a Canadian

Well, no, actually, I'm not. I was sent to a "public school" by my parents when I was growing up (the American Schools had a series of pretty well publicised pot busts, so off I went) and have never shaken all of the little cues. On the phone, Indians think I am Indian, South Africans think I am South African, Irish think I'm Irish, Canadians think I'm Canadian, and so on, mostly curious at how long I have been in the States. Not professionally helpful, but funny. Judging from your response, I assume that you are Canadian.

And I probably need to keep my spleen in check.

Yet another reason for other countries

[Vicegrip]

To avoid MS Windows like the plague. How could any non US civil service or government ever allow a Windows installation on their machines knowing the potential issues. After hearing this, why would they even want to take the risk? If you're an American you might trust the NSA, but I'll bet if you're French you trust the NSA like you would trust a politician to tell the truth.
Use an open source operating system. It's the only safe way to ensure you know what you are getting.
Linux is the only way to go.

Re:This is nutz!

[Kythe]

You can't vote out the NSA people, but you can elect people who will abolish the CIA/NSA/others, and rebuild the intelligence system from the ground up, with substantial congressional oversight.

Check voting records, and vote for people who run on platforms that include reform. Or lobby!

Kythe
(Remove "x"'s from

Microsoft admitted working with NSA!

This CNN Story last year talked about the pressure tactics the NSA uses.

In the article, Ira Rubenstein, Microsoft attorney and top lieutenant to Bill Gates, says:
"Any time that you're developing a new product, you will be working closely with the NSA," he noted.

Re:Microsoft admitted working with NSA!

[Bobzibub]

I read this story that in the crypto industry there is an expression they use: "Have you ever been visited by " In the US there is this government official who wanders around trying to convince companies to insert back doors into their encryption systems in return for favourable export licences. There is also a Canadian fellow doing this in Canada as well. The NSA_key is a rather elegant method of allowing targeted systems to have their encryted communications compromised without being detectable otherwise. There is an MS employee in serious caucau right now......But bigger caucau will be hitting the fan in much of the world. There are going to be a lot of governments who are pissed -- well, they knew all along -- but now they will want to be seen to be looking for alternatives to MS and indeed US software products. This would be a good time to short some MS stock... Cheers, all.

You Linux guys ought to remember the K&R backdoor.

[porkchop_d_clown]

A couple of years ago, Ritchie revealed that he had put a back door into the original UNIX login program that no one ever caught: He added code to the C compiler so that if the compiler was compiling login.c, it would inject the back door function. He then added code to the compiler so that if it was compiling *itself* it would inject the code to create the login back door.

He then deleted the code from the C compiler source. You could examine the source all you wanted - but when you recompiled the compiler, it inserted the backdoor creation code into the new compiler - and when you compiled login.c, it would add the back door to the login executable.

He claimed the trap door existed for years on many ports of UNIX. Any port of UNIX that was built using a cross-compiled version of the original C compiler had it.

It would be straight forward to replicate this process in GCC. It would spread much more slowly (unless you managed to get your binaries picked up by a major mirror) but it would be nearly undetectable.

--

Re:NSA Security

[Mr.+Slippery]

And I think all NSA ratings, except D1 which offers no protection require that the machine not be connected to a network and not have a floppy drive.

There is a network interpretation of the TCSEC; it's the Red Book in the rainbow series. However, it does make all sorts of assumtions about the physical security of the network that are unrealistic for most of us.

I worked on a firewall based on HP's trusted (B1/CWM) version of HP-UX with MaxSix trusted networking. It was a real mindfuck.

And I think it's possible to have a floppy drive or other removable media in a trusted system; you just can't have the possibility of booting from it.

How about IE5

[Wah]

I submitted this the other day, but I guess it wasn't impo'tant nuff. Basically lets HTML code run ActiveX and do, well, pretty much anything.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Pont]

At least in California, I believe you are legally required to have either an official ID or a driver's license on you if a cop asks for it, whether you are driving or not. It probably only applies to people of a certain age.

Re:Computer "BUG" (NSA listens in)

[phil+reed]

Yeah, and it's too bad the FBI doesn't have anything better to do, so they spied on U.S. citizens simply because they were donating and supporting the wrong political party (i.e. against Nixon).

See, the problem is that we have a demonstrated history of the gvmnt misusing their powers. If it happened once, it can happen again. And what makes you think the NSA wouldn't provide that back door to some other governmental department that asked for it?


...phil

Re:Encryption is needed now!

[SoftwareJanitor]

Then we need to do away entirely with anonymnity on the 'net.

We need to insure that total anonymity on the net is available forever. Cryptography will make that possible.

and it will help people shut out spam

Getting rid of spam won't be that easy. We don't have anonymity in the world of telephones, and we still get telemarketing calls. We don't have anonymity in the postal system and we still get bombarded with junk mail.

and get rid of the creepy nature of the 'net as it now stands

Creepy? Err... what 'net are you on?

It will also make people accountable for what they say in public online, just as we're accountable for what we say in public in the real world.

I read that as 'it will have the same chilling effect on free speech that we see in the real world'. Just as it is possible to circumvent public accountability in the real world, it will continue to happen online.

These are good things.

These are at best pipe dreams. At worst, they will lead to big-brotherism.

Maybe what we need to do is allow people like you that are afraid of somehow, possibly, being offended by something to just filter out anything that is anonymous. But why prevent the rest of us who think that a few Anonymous Cowards out there might occasionally have something worthwhile to say from listening if we want?

Probably just an error!

[PD]

It's been two years since I wrote code to sign certificates, but IIRC, the NSA is at the root of the tree.

There's 5 levels or something like that, and the NSA has the key at the very top of the tree. People like Verisign have a key at level 3 or 4, and we end users might have a personal key at level 5.

This means NOTHING, except that you can prove who you say you are! It doesn't require that you need to trust the NSA for anything, and it won't give them any access.

So, am I on target, or am I talking about something completely different than the subject of the article? It's hard to tell because the article is so vague.

Anyway, I'm not too worried about security holes in my Linux box. Even if someone broke in they would only be able to steal what they could buy for $1.99 from www.cheapbytes.com! heh heh

Re:This is nutz!

[Desert+Raven]

Oh boy, I REALLY hate to tell you this, but the government DOES have a way to listen in to conversations in your house. If you have a regular, non-powered, non-digital phone, it can be used as a listening device. The phone company just "activates" your line from their end, and it's just like taking the reciever off the hook at your end, every phone in the house then acts as a microphone. This technique is taught to police officers in the academy for use in hostage situations. I would find it difficult to believe that agencies like the NSA could not do this from the comfort of their own offices. Shortly after learning about this in the police academy, I switched to using 900mhz channel-skipping phones.

Re:Computer "BUG" (NSA listens in)

[Jburkholder]

No, don't get me wrong, I have a huge distrust of these government agencies' ability and track record to abuse their power. I was just chuckling at the paranioa that your multimedia desktop PC is somehow going to become a magic doorway for the spooks to watch you brush your teeth.

Re:Come on kiddies....the NSA is MUCH smarter than

[mikej]

Oops, I need to make a retraction. It's not a backdoor into installed software at all. My bad, it seems.

Ummm.... No, it's not.

[porkchop_d_clown]

The exploit is called TEMPEST.

TEMPEST is the DoD security program for preventing the remote surveillance of computers.

--

Re:This is nutz!

[Jonny+Royale]

"Libertarians are anarchists who need police protection"

-Kim Stanley Robinson

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Nspectre+Anatomy]

If you aint' breakin' the law you ain't got nuthin' to worry about.


I'm sorry, but... I just have to give an incredulous chuckle every time I see someone spout the above.

Just look at the US Justice Dept's track record and tell me you still believe that.

Re:MS is bad software but...

[Bald+Wookie]

NO, sol.exe has nothing to do with crypto. Its powerful mind control software! Sol.exe is responsible for turning once productive middle age office drones into drooling click and drag morons. Just last month we had send 15 of our best people to the super secret sol.exe deprogramming center. You may be familliar with it. Most people know it as the unemployment office.

-BW

Maybe...

[supz]

The hooks have to be specifically for cryptography in order to be illegal. People get around this by providing general "module"
interfaces which can be used for lots of things.... including crypto. Making it crypto specific is a no-no, as far as I know.

Having said this, there are some well-known exceptions: microsoft's crypto apis and sun's java library apis, for example. I don't
know if they got a specific license from the gov't, or if the law was loosened. I rather suspect they got a license.

maybe this is why they got whatever license this guy is talking about.

Babelfish translation

[mapultian]

Ya know, I was always semi-impressed by Babelfish, but this just made me like it more:

"The application interface for encoding functions, provided by Microsoft for programmers, which sucked."

Dude, it said "which sucked", from a translation! That's so cool.

Re:Stop being so paranoid!)

[Cid+Highwind]

>he problem with allowing the random hard drive
>scan is the same as police check points.
>Pull everyone over, and arrest those are breaking
>the law.

Umm, in my state (Texas) the highway patrol *can* pull everyone over and check for drunken drivers, drug runners, etc. The supreme court has upheld roadblocks like this before, as long as they are not selective about who is pulled over. (i.e. stopping every fourth car is allowed, but stopping only cars driven by minorities or teenagers is not) Or so I've heard from two poli-sci professors and a cop. YMMV

deliberate

[sql*kitten]

Has anyone considered the possibility that Microsoft deliberately left the symbol in, to reveal NSA's presence without risking liability?

Or is it just easier for you to blindly attack Microsoft given the slightest excuse?

Erm... *about* No Such Agency (was Re:Duh!)

[alumshubby]

Do you really think the NSA has the type of budget problems...

As Ricky Ricardo used to say, "Loooosseeee, lemme 'splain you something." The NSA ain't got no budget. Not in the traditional sense of the term, anyway. They're not required to submit one to Congress for approval. They just get what they ask for, and the dollar figure is classified. As are basically all of their activities. And what's more, unlike the CIA, they have *no* legal restrictions against *domestic* intelligence activities -- seems that during those pesky Church Committee hearings on the CIA's antics, everybody conveniently forgot to ask where the ELINT came from.

Having typed all this, I look forward to that funny click on the line when I pick up my phone tonight. Or maybe my head will just disappear in a pink cloud as I'm driving to work on Monday morning...

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Wired coverage

[jflynn]

There is another, little bit longer story at Wired.

Re:Comedy of errors

[bratell]

Then, instead of requiring a backdoor in the OS itself, make a small, portable tool that exploits a security hole so obscure that only by being NSA dudes and working with Microsoft can you find it.

That is a backdoor.

Comment removed

[account_deleted]

Comment removed based on user account deletion

About CryptoAPI from MSDN:

[.pentai.]

Ok, here, I'm seeing a lot of crap about this, so here it is:

The Microsoft CryptoAPI is a complete set of tools for creating secure Internet and intranet applications. Microsoft distributes the Cryptographic Service Provider Developer's Kit (CSPDK) to authorized recipients located in the United States and Canada, and to persons and entities outside the United States or Canada authorized to receive the CSPDK under specific license from the U.S. State Department, Office of Defense Trade Controls.


That's it, it's a way to make programs to send secure data over networks. It's NOT a way to authorize loading of DLL's and such. In fact, CryptoAPI is loaded via System Services (which must be done by Administrator).

What this means, is that even IF the NSA has a key to CSP's, that means nothing. It means they have authorized DLL's, nothing more. It doesn't mean they can insert them and run them from remotely.

kthxbye

Re:About CryptoAPI from MSDN:

[malice95]

Ok, here, I'm seeing a lot of crap about this, so here it is:

The Microsoft CryptoAPI is a complete set of tools for creating secure Internet and intranet applications. Microsoft distributes the
Cryptographic Service Provider Developer?s Kit (CSPDK) to authorized recipients located in the United States and Canada, and to
persons and entities outside the United States or Canada authorized to receive the CSPDK under specific license from the U.S. State
Department, Office of Defense Trade Controls.


That's it, it's a way to make programs to send secure data over networks. It's NOT a way to authorize loading of DLL's and such. In fact,
CryptoAPI is loaded via System Services (which must be done by Administrator).

What this means, is that even IF the NSA has a key to CSP's, that means nothing. It means they have authorized DLL's, nothing more. It
doesn't mean they can insert them and run them from remotely.


Wrong, The presence of the NSA key (if it is the nsa's key) would allow the nsa to add additional modules into the cryptographic subsystem without
breaking the system. This possibly could allow the
nsa to hack in via another means or access the system at the console, and compromise all security measures by replacing your current cryptographic software with its own versions. Abit, less secure ones. The key (ms's key) is to prevent outside developers from adding crypto modules in windows without approval from MS. Hence that nice 128 bit
connection your browser is making may be plain text to an nsa spoof.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Mr.+Slippery]

China is a "People's Republic." How could a republic be oppressive?

Calling a thing a name doesn't make it so.

Re:I don't think it's for spying on people

[richnut]

It's about TIME someone with some actual windows coding experience wrt Crypto API clears this up.

What I'm wondering is if one CSP can have any runtime access to another CSP or if the modules are protected from each other?

If the CSP's are proected from each other than this really isn't a backdoor at all, Unless of course there's undocumented features to get around module protection.

-Rich

Re:Another interpretation

[Ageless]

Export laws restrict you from having any easy way to add strong crypto to a weak crypto system. This is why the Crypto API has the provider signing process with Microsofts key. It restricts new providers to be signed by Microsoft, and MS is not allowed to sign any provider with strong crypto. Export laws suck ass.

Re:Security hole? Really??

[chicken]

This isn't an exploit at all. For those of you who don't know how signing works, here's a quick overview:

To sign a document:
1. Calculate a hash of the document (MD5 is the common method).
2. Encrypt the hash with your private key.

When the user want to verify that it came from you, they:
1. Calculate the hash of the document.
2. Decrypt the provided hash with the public key and check if they match.

So, at this point you know:
1. That the document was not modified since it was signed.
2. That the document came from the source that it was intended to come from.

The reason Microsoft is signing the security modules is to prevent someone from subsituting the DLL and then comprimising your security. (Since you can't sign without the private key).

Now, if this second key (and the third one for that matter), belong to another party, it means that your computers will accept security modules signed by them to run. However, only entities with the matching private key can release the modules.

This validation mechanism only affects the loading of the security module, not the actual secured data. The author of the security modules does not implicitely have access to the encrypted data without the private keys used to encode them. It would have to get your private keys, and then store them somewhere or send them somewhere in order to be able to read your data.

Re:Comedy of errors

[Enoch+Root]

The difference is, you don't implement a backdoor. You exploit one. And you certainly don't name it NSA_Key in development phase.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

This is being done.

[cduffy]

Wait five months or so.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[porkchop_d_clown]

More realisticly - show me one person who has never done anything (smoking weed, or had an affair, for example) that could be used to blackmail them. That's the real issue here: being blackmailed by your own government. And for people who think that it cannot happen: What the hell do you think living in the USSR was like? Or china, where children are taught to report their parents' "suspicious" behaviour?

--

Re:Larry Ellison said it best when he said:

[angelo]

Your driver's license has your current address on it. Ever wonder why?

So they know where to send your wallet if you lose it.
To make sure your address matches the one on your cheques.
So they know where your registration forms go.
My address still says "118 montville street" which is not my current location. That is actually on another card as an addendum.

$NAZI =~ fascist

[MenTaLguY]

the Nazi party was "National Socialist" how could they be "right wingers"?

Technically, they were [are] fascist, regardless of what they called themselves.

Honestly, totalitarianism or statism is totalitarianism or statism, regardless of which side of the aisle you choose to stick it on.

Whether it's conservatism or liberalism that you take too far, you invariably end up at the same place. The political spectrum is circular.

Berlin-- http://www.berlin-consortium.org

Re:We let the government decay to a dangerous poin

[Jonny+Royale]

I have to disagree on one thing here, and that's your iron law of bureaucracy. The true iron law is:

Everyone rises to their level of incompetence

Re:Well, this is another argument for getting sour

This guy might be for real, or he might not. But there's a lot of precedent. Not long ago an Israeli agent was caught doing exactly that (faking reports), and almost starting a war with Syria in the process. The story was well publicised, it should be easy to find

Ananias

Re:Well, this is another argument for getting sour

[jammer]

Typical response from someone who refuses to see the recurring pattern of a government out of control and rapidly falling apart. Open your eyes -- it's not all a paranoid dream. It's real, and the comfy world they've built for you is an illusion. What is the Matrix?

Re:Doubtful

[HyPeR_aCtIvE]

One thing you're forgetting -- generally when package maintainers (Linus, for instance) are reviewing a patch for inclusion in the distribution, they won't accept it unless they understand all the code involved.

This is true, but there are two points that you arn't considering ...

First of all you are implicitly trusting the maintainers ... and they could be the ones inserting (or leaving) the backdoor code in any product. (Not that I distrust them, but it COULD happen)

Secondly that not all code is 'maintained' as well as others. Someone may have written a really cool application that they released as open source just in case someone else wanted to add a new feature. The maintainer in this case may not look over the code as well as they should, and instead are sent back a new set of source files that compile fine and add lots new features, and start using them instead! Or again, the original creator of the program could have added said back doors in.

In any case ... I'm not saying it would be easy to do at all, just that the possibility still exists, and with the level of brilliance that often exists in the programming world, I wouldn't put it past someone to be smart enough to completely hide something small.

Re:Wait just a second...

[Ageless]

Let's see. Do you use a VPN? Authentication? NT Security? Active X code signing? SSL in Internet Exporer? Dozens of others?

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

you are correct

Re:people, get a grip

[malice95]

Why don?t you read the document, all that this ?NSAKEY? lets the NSA do is build cryptographic plugins for Windows, it doesn?t give
them the equivalent of root on your system at all! (This if what I got from the article). The *most* that the NSA could do would be to
get you to install there component, then they could read information you encrypted with it. And there is *no* reason to think that the
NSA even has anything to do with this! Remember, the NSA *does* make encryption products. Remember DES? Microsoft might have put
that there to allow easy incorporation of new NSA algorithms

What is to stop the nsa from getting you to
download a popular package that replaces current
crypto plugins with ones that are vulnerable?
If plugins can be replaced using this method then
all crypto software is suspect on your system.
The next time you use your private key to decrypt
something you may be handing it to the nsa.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

Ole Dolf was one wacky dude.

If he had just had a little more vision, he
could have dropped nukes on Washington.

I would be typing in German.
I would think the "Allies" were nuts out to
destroy the world.
Everything would be just fine for me, because
I would have been born into it. Never knowing
any different.

It's that not knowing anything different that
I enjoy. Like some of the people I have contact
with every day. They don't have a clue and don't
want one. They are happy and don't want to be
bothered with facts.

Cooper calls them Sheeple

[I'm quite sure] You're wrong.

[cduffy]

The NSA doesn't release their work.

NASA's contributed a lot to the community. JPL's contributed a lot. The NSA... their business isn't releasing, but absorbing.

[Somewhat less sure of the below]

And if the NSA can get the stuff they signed automatically accepted by the Crypto API, it means they can fake ActiveX signatures (certainly), perhaps authentication stuff... I think some email software uses it... login services?

It's got the potential to be a significant backdoor.

Re:Come on kiddies....the NSA is MUCH smarter than

[Kythe]

Not just a security flaw that Microsoft knew of, but designed in.

Kythe
(Remove "x"'s from

Re:Sounds like a coincidence to me...

[alumshubby]

I'm not saying that it isn't possible, just a little hard to fathom that the NSA would allow such a blatent reference to themselves.

Oh, I dunno. I've seen more egregious security lapses than this that just got overlooked. A foul-up like this "hiding in plain sight" doesn't sound too surprising.

Re:Computer "BUG" (NSA listens in)

[Lx]

Well, then the easy solution is to use an OS that won't support your soundcard...long live FreeBSD! -lx

Or hack the C compiler

[acb]

Anyone here remember Dennis Ritchie's PCC compiler hack, in which the C compiler in an early version of UNIX (V6, I think) was modified to insert a backdoor in /bin/login, and also to insert the back-door-insertion code into the compiler? Thus, a system could be shipped with clean source for login and the C compiler, relying on a carefully-tainted binary to propagate a security hole.

While it'd be hard for the NSA to replace the gcc in all distributions, it is at least theoretically possible to introduce such a hole which, say, recognises various pieces of crypto code/random number generators and inserts subtle flaws.

Getting even more paranoid: doesn't the NSA have silent filters on all major Internet routes? Could those conceivably be programmed to patch downloads on the fly, modifying them and the md5sum files? (Assuming the level of technology and funding that the Echelon project would imply.)

Re:Or hack the C compiler

[Why2K]

It was called a "Reflections on Trusting Trust" and is available here. Very interesting, and scary, if you think that having the source code automatically makes the system more secure.

Re:Duh!

[Ageless]

There is a VERY big difference in computing time to crack a 512 bit key compared to a 1024 bit (which any security conscious person is using) or even more so, a 2048 bit key (which we paranoids) use.

people, get a grip

[delmoi]

Why don't you read the document, all that this 'NSAKEY' lets the NSA do is build cryptographic plugins for Windows, it doesn't give them the equivalent of root on your system at all! (This if what I got from the article). The *most* that the NSA could do would be to get you to install there component, then they could read information you encrypted with it. And there is *no* reason to think that the NSA even has anything to do with this! Remember, the NSA *does* make encryption products. Remember DES? Microsoft might have put that there to allow easy incorporation of new NSA algorithms

People please, realize that this *does not* give the NSA the ability to look at anything on your windows box, at most it might give them the ability to decrypt information that you encrypt with MSFT products. Since most people don't encrypt anything anyway, this has no baring whatsoever.

Also, I believe that there is a lot of Code in Linux that comes out of the NSA, correct me if I'm wrong
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:Not in my edition.

[Enoch+Root]

Tell you what, I'll transcribe the passage I have in mind when I get home.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:We let the government decay to a dangerous poin

[Mr.+Slippery]

I don't care if Hoover did spend his leisure time in a nice Chanel day-to-evening and tasteful-yet-daring Ferragamo pumps -- he got in and kept good people who did real detective work

Such as spying on Martin Luther King's sex life?

Or the Red Scare?

Or Nixon's "enemies list"?

Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

So what if the govt. can look at
what you are doing.

If you aint' breakin' the law
you ain't got nuthin' to worry about.

Paranoia is supposed to fun and relaxing,
so just don't worry about it!

Oh, by the way. My Y2K watch party starts
Dec. 31st at 6am CST.
If New Zealand falls, the rioting will begin
about 9am CST.

Look for Russian nukes to start raining down
between 3 and 6pm CST.

I'll be drunk and laughing.

sleep tight y'all!

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Rombuu]

You don't need any of those if you are taking the bus....

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[haeger]

You are joking, right?
What about personal privacy? What about buissness secrets?

If this is allowed, why don't we just install video-cameras in all houses to make damn sure noone is breaking any laws there, heck why don't we put people in jail to make SURE they don't commit any crimes.

*I know I shouldn't bite on troll posts, I just can't help myself.*

//Somewhat anonymous coward.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

no I'm not
personal privacy is dead
business secrets probably aren't

how do you know THEY haven't already put a
camera in your house? remeber the wall penetrating radar story a few weeks back?

if trying to get people to THINK is trolling,
then yes, I'm trolling

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[ars]

Ok I'll show you such a person - me. I've never smoked anything at all, never had an afair, never even had unmaried sex, never did anything whatsoever that could be used to blackmail me. I'd make a perfect politician - actually I wouldn't I'm too honest, I can't stand even small lies.

The only blackmail would be privacy type things, not illegal type things. For a (not so good) example someone installs a camera in the bathroom and takes a picture, then blackmails me by saying he would release it unless... But other then things like that I'm blackmail immune.

And yet I still value my privacy quite a bit.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Deimos_]

Germany was had a heavy water experiement with the intent of making an atomic bomb. We got to it first.

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Kythe]

Perhaps I'm just not as hopeless as you.

Many people are fighting hard to protect privacy. I think it's foolish and defeatist to give up on that goal. It would be even if things were ten times worse (i.e. if there were cameras in every house).

It is very important that this fight be fought.

Kythe
(Remove "x"'s from

Re:Stop being so paranoid!!!!!!!!!!!!!!!!!!!!!!!

[Jimhotep]

like a small church?
or some kid that breaks into a web page?

Re:Encryption is needed now!

[SoftwareJanitor]

Well, anonymity isn't easily legally accomplished on the Net. If one is willing to resort to illegal means, it is fairly easy. If one is willing to find a publicly accessable computer (such as a university lab, public library, etc) and use an email service that doesn't strictly check info, then it could be pretty difficult to trace, but not very convenient. This may or may not change as 'internet kiosks' become more common.

However, as I was saying, what all this really means is that the original poster is off base in thinking that anonymity on the Net is so much worse than what happens in real life.

This does not seem like a backdoor...

[blawrence0]

The key in question allows the holder of the corresponding private key to sign a cryptographic package and have it be installable and accessible via the Windows Crypto API. Big deal.

How is such a package going to get on your machine? Either it is distributed on the NT CD, or it is installed on a machine some time after NT is installed.

If it is being distributed on the CD, this implies complete MS cooperation, what would be the point of signing a backdoored package with an NSA key? Just get MS to go ahead and sign it.

If it is installed somehow after NT is installed then ANY means used to distribute such a package could also be used to defeat the whole code signing check, by simply replacing or patching ADVAPI32.DLL or any other files involved. So to coerce MS to install the code authentication key is not necessary, and it merely risks drawing unwelcome attention like that given here.

Ben Lawrence

Re:This is odd

[phil+reed]

I choose to use Yahoo for my mail address to absorb spam. It's much easier for me to ditch it if I need to.

You should evaluate based on what he says, not trivalities such as e-mail address.


...phil

Re:Chinese Reply via Linux

[phil+reed]

Go away, troll.


...phil

Re:This is nutz!

[Adam+Seline]

Rebuild the intel community? How about rebuild the government from the ground up! Throw out EVERYTHING, and start with JUST the Constitution That's what the 2nd Amendment is there for, not hunting. Gee, and we trust the FBI too - has anyone looked at THAT list: Waco (enough said) Ruby Ridge Mr Jewel (Leak lots of info on an innocent man) Randolph (can't catch the guy they now claim did it) James "Whitey" Bulger (Killer they had working for them) The FBI files at the Whitehouse

begin this!

[RoLlEr_CoAsTeR]

I'm thinking that NSA should have already known this, right? I mean:

1. It's their job.
2. It's been there since the beginning of Windows (or since the beginning of the Win32 versions, right?)
3. Are these people really the first to figure it out>
4. How could we know that they've not known all along? Perhaps they have been using it, even in some small, obscure, or very unnoticed way, and we're seemingly not the worse for it.

Well, that's just my thoughts. Although I don't like the idea that it's there, and I know I'll download a fixer for Win98 when they code one, I'm not going to panick, because we all knew Windows sucked anyway, right?

Re:begin this!

[mrjinks]

"...Perhaps they have been using it, even in some small, obscure, or very unnoticed way, and we're seemingly not the worse for it."

No spook agency worth their trenchcoats and sunglasses would use a hole like this in obvious ways. They also wouldn't risk discovery by using this back door on just anyone. Relying on the obvious exploitation of a security hole to prove its existence is bad practice.

-m

Well, this is another argument for getting source.

I really don't care about the licence, as long as I get the source. I would preferr GPL, but I want the source. I didn't used to feel that way, but as time has gone on I have changed my mind. The issue is less that the NSA is spying -- we need spies -- but that the whole national security apparatus of the US has ceased to be effective. CIA agents abroad have to meet quotas for recruiting foreign nationals. Not USEFUL foreign nationals, just somebody. They don't meet the quotas, they don't get good reviews. I have had friends who have worked for the NSA, and outside of a few areas, most of these people are carreer beaurocrats making their numbers. Like bosses who make up for management skill by saying that they will fire anyone 5 minutes late, the NSA is making up for the fact that most of the good spies left during the Bush Administration by compromising everyone, so that they can do their work without having to try hard. It doesn't have to be USEFUL work, just something to meet their quotas. The real issue here (well one issue, the other being the utility of having the source) is that we have let the goverment decay to the point where it is a danger to us.

Re:Microsoft Denies Story

[malice95]

Dam I guess this was all just fud and we should
all go home and lead our simplistic lives again.
Boy Microsoft vehemently denied it. I guess we all
must be wrong.


Unfortunatly noone will ever know if their data is
really safe unless someone can build an exploit
that uses a known key pair (replacing the NSA key)
to replace already installed cryptographic modules
with vulnerable ones. Sounds like a project:)

These are scary times we live in..

Malice95

That does it....

I will never run a piece of Microsoft code at home ever again. As soon as I get PPP working on my home-brew linux system, it's dd if=/dev/zero of=/dev/hda1 for me. But then again, all my comms traffic goes through Menwith Hill - I'm around 15 miles away.

Re:Microsoft Denies Story

[Gentle+Ben]

Regardless of whether or not an actual backdoor exists and regardless of what it does (verifies whether or not illegal software is loaded or permits the NSA to enter your system) do you think that MS could afford to admit to this? There would be such a hue and cry for them to refund money on their software that they would sink from the lawyer's fees much less any funds they actually refunded.

Verification? or Paranoia?

[theonetruekeebler]

Although this certainly does look bad, and adds to the increasingly large stack of reasons I don't like using MS products, I can think of three other scenarios behind this that would make me worry less:

• It's a hook: MS has been reading the same trade journals as we have, and figured this was a valid future possiblity, so like any responsible program designer, they added a hook for future API expansion.
• It's a private joke: Like the cited article said, these symbol names are usually stripped out of the binaries before they are shipped to users. Who among us has never made a facetious function declaration like mangle_client_data()? I suspect that if I were creating a silly and undocumented function in a crypto API at three a.m., I'd probably call it NSA_BACK_DOOR() or something equally wise-assed.
  Early in my career I out an incompletely tested beta to a single customer who fortunately had a sense of humor, because eventually a dialogue popped up on her screen that said "Error: We're fucked as of line nnnn." See, I'd compiled with the -DTEST switch still in the Makefile instead of -DPRODUCTION.
• NSA != National Security Agency: It stands for something like "Nancy's Special Algorithm". Okay, this one's weak, but I said three possibilities and by-ghod I'm gonna provide three possibilities.

  Then again, maybe what we need is a full-blown X-Files conspiracy theory: this really is a back door explicitly added for the NSA, and the programmer, a closeted civil-libertarian "forgot" to strip the .ddl. Why would MS put a government back door in their software? Simple: in exchange for willing coorporation on this vital Matter of National Security, the NSA is going to lean on the DoJ in the anti-trust suit and get any possible consent decree reduced to "write 'Monopolies are no fair' on the blackboard five hundred times." Better yet: six or seven years ago the NSA recognized that MS would control 90% of the PC industry and had DoJ bring the anti-trust suit so they could lean on MS to start adding back doors to sweet FA.

  Or not. Maybe it's just a #define from three years ago that never got commented out. When you've got twenty million lines of code to wade through, things like this tend to get overlooked.
  
  --

Re:Verification? or Paranoia?

[rumba]

sweet FA? desolation boulevard... and using it as a metaphor for the backdoor. keebler, you are gorgeous.

I am now worried...

[His+name+cannot+be+s]

You know, for a long time, I've been not too terribly concerned with the US government's activities when related to 'spying' on it's populace.

For the first time, I am now moving off of that position, as if this little factiod is true, it really means that we should all be a little more scared about the personal freedoms we enjoy.

I'm a little shocked. And a little outraged. This has got to be the most strong argument for Open Source/Free Software that I've ever seen. This sort of thing would^h^h^h^h^h couldn't happen if there were a million peers viewing the source.

Un-fscking-beliveable..

*long live linux*

Verification? was Re:the begining

[Andrew+Gilmore]

This is interesting, but how do you prove it? I mean, all they've got is the fact that NSAKEY showed up as a debugging symbol. Sure NSA happens to be the acronym of a particularly annoying secret government agency, but...

At least, it DOES appear that there is more than one key available in the crypto packages. Whose keys? This should be the rallying call, and since we don't have the code, we can't tell.

This is a VERY good reason to be suspicious of Microsoft products.

How many people actually USE the cryptoAPI? It seems to me that unless you're using this stuff, all of this has no effect.

Andrew
----

Re:Verification? was Re:the begining

[Winged]

How many people actually USE the cryptoAPI? It seems to me that unless you're using this stuff, all of this has no effect.

Unfortunately, everyone who has PGP 6.0 or higher (including the International version) without buying the RSA add-on, and the 128-bit high-security package from Microsoft. Not to mention everyone who uses MSIE.

Specifically, PGP 6.0 and higher use CryptoAPI to provide backwards-compatibility with RSA-signed/encrypted PGP 2.x messages, allowing them to be decrypted and encrypted to. (Unfortunately, this screws the security model a little bit, because since it can only generate a Diffie-Hellmann keypair, the 2.x recipient can't verify the signature.)

When an API is invented, people start using it. Once people start using it, it's dangerous. Ergo, creating an API that has backdoors is dangerous. Period.

Microsoft, fight the NSA.

Re:Verification? was Re:the begining

[abcess]

How do you prove it? Well, if you had REALLY read the whole document, you'd have seen how it was proved. There ARE two RSA Public keys contained in the code. These are readily exctracted from the code, once you have the key, you can verify it's owner from information held inside the key itself.

be afraid, be VERY afraid.....and read more thoroughly next time

Re:Verification? was Re:the begining

[Slur]

Andrew Wrote:

This is a VERY good reason to be suspicious of Microsoft products.

Unfortunately when I installed Microsoft Windows I checked the box that said "Always trust content from Microsoft," so I'm bound by my agreement to always trust Microsoft.

Yeah, I'm a Mac programmer. You got a problem with that?

Re:Verification? was Re:the begining

Who the hell knows what we use.

I dunno...

[mi3ke]

This sounds a bit fishy to me. Would they actually be stupid enough to go to all the trouble to bury a black-ops backdoor in a major OS, and then name it something as obvious as NSAKEY? It'll be interesting to see what spin MS tries to put on this, but I have a hard time believing that the NSA would be THAT clueless...

Re:This is nutz!

[Kythe]

Bite your tongue. I am most certainly NOT a Libertarian -- quite the opposite.

I'm glad to see others here are also not of that nutcase persuasion.

However, civil liberties and defense of democracy are not the exclusive domain of Libertarians. In fact, I'd argue the opposite is true.

The notion that the U.S.'s intelligence community has too little oversight is shared by many people, of many different political persuasions. Moreover, my post specifically addressed this particular issue: if the NSA is, indeed, insisting on backdoors in domestic software, then their actions are over the line.

Kythe
(Remove "x"'s from

Re:Come on kiddies....the NSA is MUCH smarter than

[Ishamael]

i don't like you anymore

I'm personally certain it's legit.

[Paul+Crowley]

(1) The paper's being presented at a rump session, so it won't appear in the list of accepted papers. It won't have gone through the same rigourous review as an accepted paper, but hell, they wouldn't let the crypto loonies of this world (David A Scott aka SCOTT16U.ZIP_GUY) present such a session.

(2) the _NSAKEY certainly refers to *a* public key. It's a stretch of unusually high entropy data, which nearly always means cryptographic data: even compressed stuff doesn't look like that. Furthermore, it's being fed to BSafe's public key routines: look at the CCC's debugger output.

(3) Micros~1 wouldn't fuck around with that sort of thing. I don't think anyone's going to label a public key "NSAKEY" as a joke.

(3) But the NSA are very likely indeed to put pressure on them to introduce this sort of "feature" - it's quite a common occurence for a guy with a sharp suit to turn up at the offices of commercial crypto implementors and discuss, let's say, how best to speed the export process. In the case of Lotus Notes, they did it entirely above ground, although the Swedish Government didn't read the small print when they banked their information system on Notes and they were quite annoyed to discover that the NSA had a way in.

Put aside your speculation: this is the real thing. The NSA hold the private key that allows their software to do pretty much whatever they want to the CryptoAPI system, if you'll consent to run any code they've had their hands near. And we all know how tricky that is.

Personally, I'm ecstatic: the unearthing of this information is a huge boon both to the Open Source and crypto-security communities.
--

A "sodroller"?

[MenTaLguY]

...enh, basicaly an "astroturfer", from what I can figure.
Berlin-- http://www.berlin-consortium.org

This reminds me of a DeepSpace 9 episode

[rottz]

This whole NSAKEY thing kinda reminds me of a StarTrek DeepSpace 9 episode, where they found out that odo was infected with a virus and this happened when he had a federation health checkup. So they sent a message to federation HQ and told them they had the cure for odo's infection, so it would lure a guy from Section31(the federation's NSA). It worked and some guy named "Sloan" shows up looking for it, but then finds out it was a fake message. He tried to say it was done in the best interest of the federation, because they wanted odo to link up with the founders(leaders of the dominoin) so it would kill them all. Which is not related to putting a backdoor in a computer OS, but does show how governments try to excuse their own actions by sayings "It WAS in the best interest of national security". So I am looking forward to how MS/NSA is gonna spin things, their PR departments must be going CRAZY right about now!! NSA will probably put all the blame on Microsoft or people in Microsoft will be having some mysteries accidents!

Enlightening NTBUGTRAQ Listserv posting [Long]

[jedinite]

Sorry about the length, but this very well written email from Russ posted to NTBUGTRAQ does a perfect job of laying out all sides of this issue...

-----Original Message-----
From: Russ [mailto:Russ.Cooper@RC.ON.CA]
Sent: Friday, September 03, 1999 2:58 PM
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Alert: CryptoAPI and _NSAKey issue


-----BEGIN PGP SIGNED MESSAGE-----

This is also available at http://ntbugtraq.ntadvice.com/_nsakey.asp

Whoa horsie...

I had a long chat with Andrew Fernandes this morning, as well as
another chat with others, and of course I've had a ton of messages
sent my way with various links to various stories about the issue.

I wanted to get a few things straight before I sent this message, but
given how quickly things are spreading it makes sent to send something
interim.

Ok, so here's what I can tell you.

1. Andrew's speculation about the _NSAKEY being a backdoor for the NSA
is based on;

a) The variable is called "NSA".

b) Its a second key, not known to exist in Windows previously.

c) What possible purpose would a second key serve?

d) Its presence, arguably, weakens CryptoAPI (Andrew explains this on
his website at ,
I'll elaborate more later.

2. Sources close to Microsoft say that the key is a "Backup" key. It
is owned by Microsoft, and only Microsoft have the private key to it.
The key was named "_NSAKEY" because the NSA insisted that Microsoft
include a backup key in their CryptoAPI before the Commerce Department
would approve its inclusion in NT 4.0.

Editorial
- ---------

There's a bunch of somewhat understandable furor going on over the
idea that the NSA might have a backdoor to Windows. Unfortunately,
however, all of this is based on a variable name. Anyone who programs
knows that variables might get named anything for a variety of
reasons. One would expect that they would be named descriptively, but
alas, not everyone follows such stringent conventions (can you spell
"Easter Egg"?).

The Conspiracy Theorist's theory goes;
- -------------------------------------

- - The NSA has a signing key on your box.

- - The NSA can implant a Trojan to replace the module which performs
encryption on your box with one that doesn't perform encryption, and
because the failure of signature verification against Microsoft's key
is silent, they can get their trojan'd app up and running without you
being any the wiser.

- - The NSA can then sniff your traffic, now being conducted in
plain-text.

There's obviously a ton of variations possible on this theory, they
take your private key, they replace your key with another, etc...

They only have to get a Trojan to you and get you to run it, and as
those same Conspiracy Theorists always say, there's
likely bugs in the OS designed to allow them to do
this...

Yeah, could be true.

My take from Microsoft's Perspective;
- ------------------------------------

- - We want to have one build of our products that simultaneously
supports weak or strong encryption functionality.

- - We want to be able to ship this one product world-wide, changing as
few bits as possible for those that are being shipped outside the U.S.
and Canada.

- - We'll build an API (good, bad, or otherwise) that allows the
controlled bits to be inserted into an infrastructure, then get the
infrastructure approved, and all will be good.

- - Commerce (with advice from lots of people including the NSA),
agrees, and tells Microsoft they have to sign everything that can use
the infrastructure. That way, Microsoft can ship its product anywhere,
and Commerce will know that only those products that have been signed
by Microsoft will be able to run on the OS.

- - You want to build a Cryptographic Service Provider (CSP), the module
that performs the encryption, you gotta get Microsoft to sign it for
it to run. Microsoft doesn't sign anything that doesn't have the
appropriate Commerce Department Export approvals first.

Wonderful, life's good, Microsoft doesn't have to manage multiple
versions based on Crypto-strength, folks can implement whatever crypto
they want (assuming its Commerce approved).

Oh, the second key, I almost forgot;
- -----------------------------------

I'm told the NSA insisted there had to be a backup. No explanation as
to why yet, that's what I've been told. One theory that made a lot of
sense to me was the simple idea of;

What happens if Microsoft's key is ever compromised? Well, they'd
simply revoke it, right? Yeah, but the problem is that you'd have no
way of telling a Microsoft system that there's a new key. You'd have
to rely on the old one to tell it about the new one. But if there's a
backup key, and they're kept separate, you could use the Backup to
verify the new key to replace the primary.

That's only meaningful to Microsoft since there's no revocation lookup
being done on the primary anyway. Microsoft would have a way to
salvage its name by using a new key. In practice, this would be near
impossible to deploy, but hey, at least there's a way to do it
securely.

BUT!!!
- ------

Andrew's discovery goes beyond this NSA stuff. There's a real issue
here. Andrew has found that by replacing the _NSAKEY with one of your
own, you are able to add a CSP to the system signed only by you. This
by-passes Microsoft's signing controls (the ones Commerce needed to be
in place to allow Microsoft to ship its products world-wide).

As Andrew says, "Export controll is effectively dead for Windows."

More importantly, it means you can add a CSP that does whatever you
want it to do, and then modify existing Windows .dlls that call
CryptoAPI such that they are signed by you instead of Microsoft. This
will cause them to fail the Microsoft signature verification, but
they'll pass verification against your own signature. Windows will
silently let them run and do whatever it is you want them to with the
CryptoAPI environment.

In theory, you create your own CSP to replace Microsoft's supplied CSP
(implementing whatever you wanted in it, say boosting 40-bit to
128-bit), modify the second key to one of your own, install your CSP
over Microsoft's, and fire up any application that uses CryptoAPI. The
signature will fail Microsoft's verification, pass yours, and
everything should work as if you had a U.S./Canadian version.

Fortify for Windows NT (I'd sure love to see
that implemented, anyone up for the challenge?)

It also means the encryption you use on your system could be
compromised in the same fashion, assuming it relies on CryptoAPI
(hasn't this been called for by the U.S. President's commission?)

Andrew's demonstration program effectively proves most of this;

http://www.cryptonym.com/hottopics/msft-nsa/Repl aceNsaKey.zip

On the other hand;
- -----------------

If there were only one key present in the system, Andrew acknowledges,
then this wouldn't be possible. However, it would still be possible to
subvert the export controls by trojanning all of the necessary .dlls
used with CryptoAPI with ones signed by your key, and then replacing
the Microsoft key with your own. Its a lot more work, but it would
still achieve the same results.

Nobody is suggesting that any of this is a Remote Exploit, or
something you have to worry about receiving in Email. Sure, Andrew's
program demonstrates that a running application can subvert the second
key and implement its own CSP...in memory...which is possible but
unreliable.

Bottom-line:
- ------------

I think the NSA thing is being over-hyped. Sure, its possible, and we
need Microsoft to make their official statement about it to have it on
the record. Once they do, if anyone can prove its not their key I will
happily help them. I doubt anyone will...although I also doubt that
people will readily accept that it is a second Microsoft key (who
killed JFK?)...maybe Microsoft can sign something with the second key
so we could verify it somehow??

Meanwhile, the risk of your system's cryptographic methods being
exploited is limited while folks figure out how it could be done
effectively. I'm looking at how you could audit access or
manipulation, but what's really needed is a TripWire-like
functionality (http://www.tripwiresecurity.com/). Alternatively,
Microsoft should build-in some additional mechanism to verify that
something that should be Microsoft signed, really is Microsoft signed,
and not a blind failover to the second key.

As to the issues of a third key in W2K, I have no information
regarding this beyond what Andrew has said.

More as information becomes available.

Cheers,
Russ - NTBugtraq Editor

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2

iQCVAwUBN9AoOBBh2Kw/l7p5AQEArgQApuinKKbm2VgQ3etb 6mm4MPu2IPiO4Orr
lhhzz3yYNqCJW0kgubSiPcZoOyHvD3VU2IXLk4CKRqeIhQEz 1UXJhJWF11qYF888
pJQpo08ejP3aozx7AB4+37O7gWkLGcH+wAC8siMpOMMUjgHJ UhkzOZ0Fa+tbXxt3
ntSOJU8kXus=
=Ihd3
-----END PGP SIGNATURE-----


---------
Titanic Wrecking Crew

This is what a coworker had to say:

[jtseng]

Microsoft CSP architecture closely resemble the Intel Common Desktop Security Architecture (CDSA).
These architectures were designed to allow third parties to easily extend or add (1) Cryptographic Functions,
(2) custom Security Policy, and (3) internal or external Key Storage functions. With this architecture,
users are presented with many choices of CSPs and can select any of the available CSPs
for encrypting messages.

Normally, Crypto Service Provider (CSP) manufacturer such as SmartCard vendors will
first submit their devices' public key to Microsoft.
Microsoft then incorporates the key into the Trusted Computing Base of the Operating
System. Upon loading of the CSP module, the public key is then used to authenticate and integrity-protect
the CSP codes and devices. In the final release version of the Window 2000, we will see other public keys
installed, in addition to NSA and Microsoft's keys.

Why is NSA public key pre-installed on the Operating System? My guess is that the NSA CSP contains
the necessary protocol for recovering encrytion keys thru third party agent known as the Key Recovery Agent (KRA). These key recovery functions are absolutely required on systems deployed in Federal agencies.
The Key Recovery Protocol is an emerging standard. And only specially designed Cryptographic
functions that have third party KRA's key embeded can recover keys.

Details on CDSA and Kery Recovery Protocol can be found at:
http://developer.intel.com/ial/security/document ation.htm
http://www.kra.org (Key Recovery Alliance web site)

Today's English Lesson: Oxymorons

Re:C2 security compliance

[Slothrup]

Only A- level security prevents you from being hooked up to a network.

I believe you've been confused by the fact that Windows NT is only C2-secure when it is not networked. This is an issue with NT and not with C2 certification.

Re:I don't think it's for spying on people

[dracosystems]

OK, I've been very curious about this myself, and I know the key wouldn't be called nsakey for the simple reason that those types +have+ to come up with a name for the project, like ohh, Silent Storm. However the mechanism still bothers me. I am rusty on the mechanism here, but as I understand it, if you have the correct private components of either of these two keys, you have the ability to remotely change crypto behavior on an NT system ?
I guess in essence, I am quite curious about who holds each of the private keys that go with the public key information, and what rights can they extert through that key ?

New Distributed.net project? Find the NSA Keys??

[Dios]

Why not try to find the keys? That would be a serious blow to microsoft/nsa security.

But it goes in the reverse too...

[mosch]

How many times have you seen those three lines and wondered 'what do they do?' and decided to trace them? With open source it's terribly easy to do so and if I noted three lines of code in PAM which allowed access via a third party, I'd certainly be quite public about my announcement.

Wrong question...

[Millennium]

Unquestionably it's illegal. It violates the Constitutional ban in search and seizure without a warrant.

The question is, "Does the NSA care that it's illegal?" The answer is, undoubtedly, no.

It's hard-coded, not simply pre-installed...

[MenTaLguY]

Why is NSA public key pre-installed on the Operating System?

I was wondering that too, except the key is not pre-installed, it is hard-coded .
Berlin-- http://www.berlin-consortium.org

Re:This is nutz!

[Jimhotep]

No, this is good.

Trust your govt.!

They work for YOU.
if you live in the U.S. that is

Re:Comedy of errors

[Jonny+Royale]

I see two more:

• It's a trap by M$ to find out if you installed any illegal software...
• It's a trap by the writers of the press release so they'll see how many people install THEIR patch, and make themselves vunerable this way..

Re:Wait just a second...

[Black+Parrot]

> Too bad Windows isn't open source so we could all go check it...

I suspect we'll have massive lawsuits filed within days, and a resulting court order to open the relevant parts of the code.

If the Administration opposes the suit, or if Microsoft loses some more source code, that will tell us all we needed to know anyway, won't it?

Meanwhile, it's fun hitting the news sites every few minutes to see the pecking order of how the story propagates.

How could this be used to break in?

[muwahaha]

Can someone tell me precisely how the NSA could
use this to break in to someone's computer?

My understanding is that this key might be used
by a computer to verify software downloaded from
the internet. Will the operating system accept
software signed with any of the three keys
mentioned in the article? This should be easy
to check, if as is claimed in the article, the
key named NSAKEY can be altered.

Even if that's true, the only way I can think to
exploit this is to convince the target computer
to download a cryptography module or whatever
from a site I control. How could you do that?

Alex.

Re:How could this be used to break in?

[malice95]

The theory is:
If this is the NSA's key, and they have the other
half of it. Then, it may be possible to get a user
to download software and install it or break in
in the middle of the night and install it. The
software would be signed with the other half of
the key. If the operating system accepts multiple
keys for software installiation authorization
beyond MS's key then it would accept the NSA key.

The nsa software could replace a current
cryptographic module rendering that encryption
method usless for security.

This could comprimise all sorts of data such
as passwords, 128 bit web transactions, vpn
networks, encrypted files..etc..etc. By replacing
the software used to generate the encryption you
can effectivily nullify the encryption.

You could get someone to install your special
code in many ways..

A virus, active X is full of holes, hiding it
inside popular software, breaking in and
installing it yourself..etc..etc. This would
be a very difficult attack for a cracker to
perform as they would have to replace the nsa
key first but it wouldnt be hard for the nsa
to do it with all the power of the US goverment
behind them. Of course noone has proven any of
this yet.. give it some time, I am sure someone
will come up with something to prove or deny this
possibility.

Malice95

Re:How could this be used to break in?

[muwahaha]

OK. I'm amazed that this topic has generated almost 500 responses in that case. Alex.

Re:Computer "BUG" (NSA listens in)

[overshoot]

Jburkholder wrote:
Geez, too bad the NSA doesn't have anything better to do than spy on average computer hackers. Guess they got tired of interecpting everyone's email and following foriegn nationals around watching for them to rent u-hauls and buy fertilizer.

Paranoia aside, there are a number of reasons to be upset about the NSA installing backdoors.

• They've already been caught reading supposedly-secure commercial mail and passing the fruits to commercial competitors. They may not be interested in your sex life, but do you want to have your business available to your competitors?
• A large part of the security of encryption lies in the fact that any given key is of limited value -- you can only read one person's mail, etc. If that key is a backdoor to every WinNT box on the planet, though, the picture changes somewhat. In the end a security hole is a security hole.
• Keep in mind that the NSA is first and foremost a political entity. RIght now they're trying to convince Congress to pour lots more money and power their way based on the supposed insecurity of computers in the USA. Their chances of success are obviously improved by reduced computer security.

Re:Well, this is another argument for getting sour

[Hobbex]

Thats funny, I found it quite conforting.

Oh, wait, maybe you are on the wrong side of the corrupt, effectively totalitarian, world repressing regime...

-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

"Unknown Third Party"??

[Brother]

Excuse me? Microsoft goes 'I'll lie back and
let all you government agencies blatantly
compromise the flaccid security in our
products'

How much do they get paid? Or is this more
sinister? Perhaps the DOJ will magically
let them off the hook?


--------------------------------------------

Re:"Unknown Third Party"??

[shadrack]

Maybe the have incriminating videos of all the senior MS execs? Just kidding.

enh... I think not

[MenTaLguY]

Has anyone considered the possibility that Microsoft deliberately left the symbol in, to reveal NSA's presence without risking liability? Or is it just easier for you to blindly attack Microsoft given the slightest excuse?

Replace Microsoft in that sentence with any other major corporation -- Occham's Razor still applies. I could possibly buy that this was deliberate on the part of an individual employee, but I find it highly improbable that the management of ANY large company would make that sort of decision.

Berlin-- http://www.berlin-consortium.org

Re:This is nutz!

[Kythe]

Most people don't seem to realize just how little oversight is built in to the U.S. intelligence community. I'm willing to bet that few people (much less our elected representatives) outside the NSA knew they had Microsoft doing this.

Anti-democratic? Absolutely. It's what happens without checks and balances.

I'm finding that more and more, calls to rebuild our intelligence system from the ground up, with extensive oversight, sound not only reasonable but necessary as well.

BTW: one doesn't have to be paranoid, or a Libertarian (I'm a Liberal), to see the problems this sort of thing poses to civil liberties.

Kythe
(Remove "x"'s from

Come on kiddies....the NSA is MUCH smarter than...

[mattz]

...that! This must just be some M$Programmer(tm)'s idea of a cute joke!

All microsoft products will be removed

[Da+w00t]

From any computer system I run. This is just totally fscking insane. I am in complete shock. I'm going to go out and buy a copy of vmware to keep microsoft where it belongs.

Re:All microsoft products will be removed

[Tony-A]

anonymous cow with a bad case of .....

This is why there will be a Y2K disaster...

[Kymermosst]

Okay, here we go...

A symbol called "NSAKEY" from an unstripped binary is immediately taken to mean the U.S. National Security Agency, without any evidence whatsoever.

Someone decides it MUST be the U.S. National Security agency, and presents it as such, with no evidence to back it up. A purely opinionated and paranoid assumption.

For kicks, I looked up "NSA" in my dictionary... it stood for five different entities, only one of which is the National Security Agency.

At any rate, it ends up on Slashdot and provokes the usual knee-jerk reaction. While it's possible that the paranoid assumption is true, it's still not known, but yet was presented by the media as the truth.

This is why, even if 100% of all computing devices that used dates are corrected for Y2K, there will still be a Y2K crisis. Paranoid assumptive reactions like the one we witness here and now.

All because a symbol in an unstripped binary from M$ is called "NSAKEY."

Incredible, isn't it?

Re:This is why there will be a Y2K disaster...

[Kymermosst]

I personally don't care. I don't use Windows, and I don't give a damn what happens with it. And the wired article wasn't referred to when I read the Slashdot posting.

At any rate, it really doesn't matter. It's not a "back door," and Microsoft owns the key. I don't see a problem here except that you can replace the key. But that's typical of M$ stuff anyway. There's no remote exploit, and Windows will never be immune to local attacks.

At least Microsoft follows some of the laws, right? It was mandated by an agency that has the granted authority to require what it does. You don't like it? Maybe you should think about how you vote the next time you are at the polls. Or maybe you should become a politician. All you people bitch about the goverment doing what it does, but the percentage of eligble voters doing anything about it is slim to none. Blame yourselves.

On another point: Before you go calling me an "idiot," and saying I have "supposed" things which I have not, and calling me "delusional," you'd better learn something about me first. Until then, keep your presumptuous remarks to yourself. I did not see the wired article when I posted my comment, which I did immediately after reading the "press release" that made mere assumptions about the "NSAKEY" well before M$ said anything. So, excuse me for doubting a vague and assumptive piece of "journalism."

Now it's my turn to make some presumptuous remarks about you. (An eye for an eye, to say...)

You probably believe everything you read in print or see on TV.

You are probably only worried because you use M$ software.

You probably vote democrat.

Re:This is why there will be a Y2K disaster...

[Kymermosst]

Well, if you believe the horse's mouth, it looks like I was right to doubt. A perfectly logical, and probably truthful explanation, even if it did come from M$. It may have been an NSA requirement to have two keys, but... OMG, the NSA doesn't own either one! Imagine that.

So, while the NSA requires a backup key in case of compromise or disaster, they are not promoting "back doors" in products, at least not in this case.

At least I know I don't jump to conclusions. It would seem my view of reality is not so delusional after all...

Of course, I can't really believe M$'s explanation, but I'd rather give them the benefit of doubt rather than immediately jump to the conclusion that the NSA has a backdoor to all copies of Windows. They don't have the time, budget, or manpower to make use of something like that. I'd sooner believe that the NSA mandated the Windows Number and PIII PSN, so that they could track down people and confiscate their stuff, than to try and compromise machines remotely. They may be a big, bad, nasty government agency, but (a) they are in charge of domestic security, not international intellegence. (b) being a government entity, cost is always an issue in an age of budget cuts, and it'd be a lot cheaper to raid someone's home a la BATF or FBI than to sit there and hack their machines remotely.

BTW, I've worked for Uncle Sam, and I do know what goes on in government. It's more red tape, hype, and wag-the-dog type stuff than proactive "spying on the public" type stuff anyway. Why do you think people believe that the government keeps extra-terrestrial creatures and technology at Area 51 of Groom Lake? See my signature line. Why do you think the government doesn't deny it? Because they want people to believe that, instead of finding out the truth.

Re:Then what the hell is this?!!?

[Rational]

They seem to come from UUnet... Is that the NSA's backbone?

"Crypto With A Hole"

[richi]

1. This is Microsoft's solution to the "cryto with a hole" problem.
2. It's no secret that Microsoft put this into CryptoAPI, I've heard MS people talk about this in public seminars 12 months ago, at least.

The "hole" problem is that it's illegal in many countries to export a system that would allow pluggable crypto modules to be added. Hard to define exactly what such a system is (and isn't) to my mind, but there you are. Probably sufficient legal test that the "intention" was there, but I'm not aware that this has been tested in court.

CryptoAPI is a classic c-with-a-h setup -- you can install "service providers" that implement alternate crypto schemes (rather like we install an OpenMail service provider into MAPI to make Outlook work with OpenMail).

The deal they struck with the feds was that the SPs wouldn't work unless they were signed by MS *or* the NSA.

As I said, the *existence* of this system is not a secret, but the location of the code was (at least de fecto).

I'd bet that few people at MS actually figured out that they had to prevent a binary patch, let alone decided to strip the symbols to prevent it!

Re:"Crypto With A Hole"

[bookemdano]

Back at the beginning of the anti-trust stuff, when there were settlements out of court, I speculated that M$ might have cut a sweet deal with the feds -- that they might have avoided further prosecution by placing a backdoor in all future versions of Windoze.

But this seems even worse, if this backdoor has existed since the release of Windoze95. Or is it just that the backdoor was added on later in patches and updates?

You're joking, right?

[Kythe]

'Though so. ;^)

Kythe
(Remove "x"'s from

Computer "BUG" (NSA listens in)

If the NSA can download and execute arbitrary code on a windows machine- Then they could turn on the microphone and send the sound to them. Imagine having the capability to listen to conversations through every windows computer in the world. Not a bad idea- have people pay to bug themselves. -M.E.

Re:Computer "BUG" (NSA listens in)

[Zigurd]

Speakers, yes: Plug your headphones into your mic plug and yell into them. Cool.

Trouble is, the voltage won't be interpreted in any useful way by the DAC. This part does not work backwards. So unless you plug your headphones into the wrong plug, you are "safe."

The laser on the window hack works, too. I tried it when playing with using a piezoelectric crystal, a mirror, and a photocel to amplitude-modulate audio onto a laser beam for a high school project. Bouncing it off a window (old single-pane windows work best) gives you noisy but usable audio. You need a clear shot to and from the window, though, which was the hardest part, and you cannot start the path from below the window unless your receiver is way up high.

Re:Computer "BUG" (NSA listens in)

[discore]

last i heard there isn't a magical way to get into a computer via power cables or something. the box would have to be on the net. so that eliminates a bunch of boxes. second off, i dont think it quite works like what you explained. go read the article a little more careful.

Re:Encryption is needed now!

[um...+Lucas]

That anonymity on the net is gone, hasn't existed, and won't exist... Think IP addresses... your ISP knows it... Did you ask them how long they keep their logs when you signed up? Who runs Anonymizer? What are their creditials? Face it, everything you do or say on the net is and will be traceable.

Encryption can help, but it doesn't defeat traffic analyis. And unless everyone is using it, encrypted communications serve to raise warning flags, that "this" message is supposed to be secret... And PGP, as simple as it is, is too much to bother people like my mother with... No matter how alarming it is to her, she'd then have to explain to all her friends how to use PGP as well... Not a simple task.

Re:Well, this is another argument for getting sour

[Zigurd]

I thought Jimmy Carter and Joan Claybrooke (sp?) take the rap for 55.

I don't recall my Dad slowing down in the Nixon years. The EPA, on the other hand, we should'a impeached him! Oh. Never mind.

Another interpretation

[jabber]

Towards the end of the overview part of the article, there is a blurb about foreign IT managers now being able to replace the weak encryption shipped (exportable) from the U.S. with strong encryption of their own choosing...

Since Windows is a U.S. product, it is subject to U.S. export regulations on strong encryption. This gaff in security may be an oversight, or it may be a way of enabling strong security usage, without torquing-off the D.O.J. any further than it already is.

Though, I don't see why M.S. would not just provide 'replacable' security.

Then again, given M.S. 'reputation' with security, it is unlikely that they would actually do something benevolent in the area. Still, something to think about... M.S. ServPack5 now allows foreign companies (in fact all users) to keep the NSA from peeking in their drawers.

Re:Another interpretation

[griffjon]

This whole shebang is likely the deal MS worked out (like key escrow) to export CAPI (Crypto API). In normal crypto, if you want to export better than 40/56 bit (56 if you're financial), you have to give in to key escrow (what ZixMail does, what Hushmail moved to the British West Indies to avoid).
So for software, what better method of key escrow than to give the NSA a backdoor into the API?

Still, a good reason to move to open OS'es, for the simple reason that it took until now, through reverse engineering and an oops in the SP5, to find this out.

Open Source High Encryption? Beside pgp?

[malice95]

Are their any other open source HIGH encryption
products out there like 2k bits + that will work
with windows and linux? Something that me an my
friends can use to exchange files and email without concern of it being intercepted and cracked. Also possibly encrypting files locally
on the hard drive? I am not sending gov secrets
out or anything but My privacy is mine damit.
If this story is true then I suppose even pgp
is vulnerable in a windows platform? Is this a
correct assumption?

Malice95

Ease up

[EXpunk]

I didn't say that was how we were sending email. What was sent was a first draft of a legal document, which required the use of several types of formating.

See, now this is what I'm on about. Why do you feel the need to be all jumping on my case? I mean for real, I know that there are a lot of morons on the web, right? If there was a better option (i.e. more commonly used) we'd be all over it.

But it's NOT a backdoor!

Even if this is the NSA's key, so what? All it means is that they're hypocrites with regard to US security laws. The key only lets you install new security services inside Microsoft's crypto framework. That's it. It doesn't give you access to any information encrypted by other providers. The only reaon there's a lock on this install capability is to allow Microsoft to meet US export standards on encryption (they can't make it too easy to add strong crypto). If this really is an NSA key, then the NSA just wanted it to be easy for them to install strong crypto.

In other words, so what? This doesn't let the NSA, Microsoft, or anyone else snoop on my encrypted data. And I already knew the government had a rediculous security policy. BFD.

Re:But it's NOT a backdoor!

[McKing]

Reading this, I started thinking...

1. The alleged NSA key allows new security services to be installed. Fine, but what if one of these services is installed w/o the user's knowledge (Outlook/Office, anyone?)

2. "It doesn't give you access to any information encrypted by other providers." Do you know this? I am not a crypto person, but what if the alleged NSA key triggered some hidden portions _within_ the CryptoAPI that allow programs using _this_ key to do just that?

Combine the two, and you've got yourself a nice digital "wiretap", courtesy of MS and NSA.

I'm not as paranoid as some, but more paranoid than most :)

Comedy of errors

[Enoch+Root]

You know, at first I was outraged and shocked at this article. But now I can't help but smirk.

No one figured out that backdoor until Microsoft forgot to remove the explicit name NSA_Key in NT 4 SP 5? What kind of joke is this? Or is it a programmer at Microsoft that's covertly working for the Open Source movement? :)

I also find it pretty pathetic that the NSA would need to contact Microsoft and implement a backdoor to access NT. I sure know most crackers I know don't need a friggin' insider at MS to crack NT until it weeps.

So I see three possibilities about this:

It's a hoax of some sort, or a private joke by the NT programmers. It sure is working.

It's a decoy. The NSA has a backdoor somewhere else, much less obvious, and this is meant to make us believe the NSA backdoor has been found. I mean, the alleged backdoor in DES is much more complex and subtle than multiplying my a fixed key when encrypting.

It's true, and the NSA are truly pathetic, and their cryptanalysis talents are severely, severely overrated.

I find the third option to be the most amusing. :)

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:Comedy of errors

[Kythe]

I vote for three. I think the NSA is maybe 5-10 years (at MOST) ahead of public-domain cryptography. Hardly enough lead-time to magically have mathematical solutions to the world's toughest public-domain cryptosystems.

Of course, it's always possible that they engage in all kinds of spying methods, and this is just one of them. But I truly believe that ascribing all-powerful status to ANY organization of humans is bound to fall short of the mark.

Kythe
(Remove "x"'s from

Re:Isn't this illegal?

[justo]

what about the export of all this to other countries? isn't that illegal?

The courts are your friend...

[nstrug]

There is only one thing to do in these circumstances: sue. Sue MS for providing access to your data to a third party without your knowledge and sue the NSA for installing surveillance software without a warrant - doesn't matter whether they used it or not.

You probably wouldn't be able to get away with a suit against the NSA in the US, so this needs to be done in France or the UK or somewhere. France would be ideal as investigating magistrates have extraordinary powers and the French are certainly not shy of pissing off the US government. They also have (like the US) little respect for the concept of sovereign immunity and wouldn't think twice about raiding and searching US government facilities on French soil (not that there are very many for this precise reason).

Take the whole thing to the courts and blow the whole shabby deal wide open.

Nick

Re:The courts are your friend...

[jafac]

Airbus is already suing because they claim their secrets were Echelon-ed and leaked to Boeing.

"The number of suckers born each minute doubles every 18 months."

Re:This is nutz!

[Kythe]

I'd appreciate it, if this is their idea of "working for us", that they'd work a little bit less for us.

Kythe
(Remove "x"'s from

And who is suprised?

[ColonelNorth]

The Federal Government has been making aliances et al for years now. For example, the NSA can get new credit cards for agents at will legally giving the company false info, ie the agent's alias or what have you. Corperate alliances are what have made groups like the CIA and the NSA what they are today. I'm sorry I'm cutting this short, but I'm at work. More detail laiter in the day.

Can anyone verify this?

[Kythe]

Anyone else with debugging info to check this?

Kythe
(Remove "x"'s from

Where's the proof?

Am I missing something? The article says "It turns out that there are really two keys used by Windows; the first belongs to Microsoft, and it allows them to securely load CryptoAPI services; the second belongs to the NSA." But they don't say how they know it belongs to the NSA. I hope it's more than just finding something called 'NSA KEY.' It is hard to believe that the government put a secret backdoor into windows and then used 'NSA KEY' as the name of their key.

No binary-only drivers in Linux!

[Morgaine]

I hope this event gives paranoia a new lease of life, before it becomes accepted practice for hardware manufacturers to supply binary-only drivers for Linux.

It's bad enough to run binary-only applications, but to some extent their impact can be controlled. In contrast, once you add an opaque binary-only module into the kernel then all bets are off.

Yell at MSFT, not NSA

[um...+Lucas]

This is probably due to laziness on Microsofts part, or due to their marketing drones... I seem to recall the same thing occuring a few years back with Lotus Notes... The domestic version used 64-bit keys, while the "for export" version used 40-bit keys plus a 24-bit NSA key... The end result being that anyone interested in the data would face a 64-bit key (probably considered unbreakable a few years ago) while the NSA would only need to crack a 40 bit key (been breakable for quite a while)... This only applied to the exported versions, though.

Microsoft, in their marketing wisdom, probably chose not to have a domestic version and an exportable version, so as not to taint buyers of the exportable version with notion that it had easily defeated security. Therefore, they kept quiet about it, and did what Lotus did, but for their entire product line rather than just the part that was destined for sale outside the US...

I'd be much more angry with MSFT than the NSA... It's their (NSA's) job to collect information and spy, it's up to the people, businesses, and our gov't reps to try to

Sorry but that's BULL

[NetWare5]

What are you, working for Microsoft???? Microsoftlied about NT being C2 certified. The certification MS achieved was C2 ORANGE BOOK which is suited for stand-alone computers. For NT to achieve C2 certification, it had to be unhooked from a network, and unhooked from modems. That is, of course, ridicolous. Of course, MS did NOT say that the C2 cert. they had with NT was orange book. However, for the real, REDBOOK C2 certificate, you have to be part of a network. It's much tougher to achieve. The only NOS that has C2 redbook certificate is NetWare 4.11 with SP 3. Novell is in the (long) process of certifying NetWare 5.0 as C2 redbook compliant. Dunno where they are in the process. BTW, Microsoft certified oly NT 3.51, I don't believe NT 4.0 will be ever certified because it's seeking a redbook certificate this time. And we all reasonablepeopleknow that NT as a server is not secure.

SOME ADDITONAL INFO

[Kythe]

From a Techweb Story:

'Fernandez reported his re-discovery of the two CAPI keys, and their secret meaning, to the "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge.

But according to two witnesses attending the conference, even Microsoft's top crypto programmers were stunned to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. This discovery, by van Someren, was based on advance search methods which test and report on the "entropy" of programming code.'

Kythe
(Remove "x"'s from

Consider also OpenBSD

[Ungrounded+Lightning]

If you're considering BSD variants you should remember that OpenBSD is the open-source BSD variant whose focus is security. (And it's maintained in and distributed from Canada, so no export crimps on encryption.)

Re:Consider also OpenBSD

[flatrbbt]

I ran a bsd once. Freebsd. I was very impressed with the way it ran. Yes, Openbsd is likely a very good choice.

History Lesson

[Aglassis]

Do you remember the great Unix backdoor? In the early C compilers developed by Ken Thompson the compiler would recognize when 'logon' was being compiled and insert code so that Thompson could enter with his username and password any computer that had UNIX installed regardless of whether or not he had a valid account. This source could be removed from the compiler of course. But to recompile the compiler without it you had to use the compiler itself, which added the code again. Unless you are willing to write a compiler from assembly code you can't be sure that you are not running specially added code. I wouldn't wager a bet that gcc DOESN'T have this type of hack.

CSP

[heh2k]

what exactly is the windows CSP used for? general crypto or auth'ing certaing programs as coming from trusted sources or what?

The real truth of this article

[malice95]

Basically it all boils down to.. if you want real
accountable security for your computer systems
then you must use Open Source Os's and software.
MS could put any dam thing to want in windows
and we would NEVER know. Who the hell knows what
is going on in those binaries. An extreme example
is MS money, Maybe bill gates has the bank info
for every user of this software thats on the net.
Now I know thats a wacked out example but with
closed source products it is really easy to do.

Using MS products to run banks, goverment agencys,
etc.. IMHO amounts to placing way to much trust in some nameless and faceless coders from redmond.

Wait just a second...

[wanderingstar]

Let's all just participate in a little reality check here, folks - just because something is named "NSA" it automatically means it has to do with the United States National Security Agency? As any Windows programmer can tell you, "LSA" in Microsoft parlance means "Local System Authority" - the subsystem that validates your logons. Why the heck shouldn't "NSA" stand for "Network System Authority"? And this is just one possibility... Geeze, the article offers ABSOLUTELY NO PROOF that the key named "NSA" stands for National Security Agency. Think before you fly off the handle.

Re:Wait just a second...

[dattaway]

Meanwhile, it's fun hitting the news sites every few minutes to see the pecking order of how the story propagates.

As expected, msnbc denies the association with the NSA. Looks like this article was carefully prepared by the PR chefs to me.

Re:Wait just a second...

[Kythe]

Quite true...but you'd think that a close analysis would indicate more about the variable, such as whether the NSA_KEY were the same for all systems.

We really need more info.

Kythe
(Remove "x"'s from

Re:Wait just a second...

[dreamwish]

Of course, the acronym NSA would have *NOTHING* to do with the fact that it was in the cryptAPI DLL, right? So it must mean something else.

Heh!

[Lurking+Grue]

Micro$oft always claimed that their systems were open. They just never told us HOW open....

MS has succesfully spread a lot of FUD about C2...

[NetWare5]

I don't want to repeat this stuff.

How do you pick var names?

[pres]

I don't know about you but if I was writing crypto code I am sure I would be tempted to throw in names like this just for my own enjoyment. (and to mess with the minds of the other programmers of course).
While it does have to be looked into, it really does sound more like a joke on the parts of the programmers.

Encryption is needed now!

[dattaway]

We need strong encryption implimented in the masses before its too late. There is too much plain text transfer and lack of authenticication. Imagine a few individuals trying to trojan your patch you submitted on freshmeat. Now, imagine the illusive NSA handling those packets for a brief moment in time to contaminate yours and everyone else's space forever. Paranoid? Perhaps I am, but I have been getting a noticable increase in /var/log/secure in the last few months.

If we don't protect ourselves from crackers and rougue governments, hell is going to walk on this planet soon. I predict it happening soon with the current lax security (or complete lack of!)

Damn the NSA. Send it to hell.

Re:Encryption is needed now!

[SoftwareJanitor]

Your points are good, especially those about traffic analysis. However, they appear only serve to further weaken the argument of the person I was replying to.

In many ways, the 'net is a far less anonymous place than the 'real world'.
In the real world I can still send a letter w/o a return address (or even with a bogus return address). If I am careful to avoid leaving fingerprints on it, it is difficult for the recipient to tell much more than what zip code it was mailed from. It would be virtually impossible for someone (or even a gov't agency) to watch every person depositing mail into every public mail recepticle all the time.
In the real world I can still make a call from a public pay phone using coins and/or a calling card (if necessary) that I can purchase with cash at a place like Wal-Mart. If I am careful not to leave fingerprints on the phone, and I do something like record a message in someone else's voice or with a voice synthesizer, it is virtually impossible to tell who made the call.

The preceeding examples haven't caused the real world to come to an end, so I see little reason why what little anonymity we have on the 'net is a bad thing.

Re:Encryption is needed now!

[um...+Lucas]

I'm not saying that anonymity on the net is a bad thing... I'm just saying it can't happen... Computers need to know what computers they're talking to in order to communicate (except for broadcasting purposes, but that's not how we do things)...

If you want anonymity, don't expect to find it on the Net... It's just not really feasible. If you want to communicate anonymously & privately, all the methods you mentioned above will work just fine... They're just easily duplicated in the online world

Re:Encryption is needed now!

[bookemdano]

Crypto plus dynamic IPs, and change your e-mail header to an anonymous e-mail account. Lots of people do this.

Someone might suspect who you are if they know what ISP you use, but only your ISP can verify this, and most don't have the time or interest to do this unless ordered to do so by law enforcement.

And of course, don't use a Pentium-III or post M$ Word documents to the Internet.

Re:Encryption is needed now!

[meridian]

it doesnt really matter if the operating system you are using is already backdoored. wouldnt be hard for anyone to load a keystroke sniffer. btw i noticed this in my samba logs after trying to install win2k rc1. anyone know what it is? localhost > ALL-ROUTERS.MCAST.NET: icmp: router solicitation localhost > ALL-SBMS.MCAST.NET: igmp nreport ALL-SBMS.MCAST.NET [ttl 1] localhost > MICROSOFT-DS.MCAST.NET: igmp nreport MICROSOFT-DS.MCAST.NET [ttl 1] localhost > MICROSOFT-DS.MCAST.NET.42: udp 19 localhost > ALL-ROUTERS.MCAST.NET: igmp leave ALL-SBMS.MCAST.NET [ttl 1]

Re:Encryption is needed now!

[fr33cl4m]

It was not the unflattering things he said, but
the copyrighted text which he posted anon from
the site. If he was just a vocal critic, the
lawyers would not have gotten very far.
Anon posting can be quite valuable....but there
are rulez ya know. If you were a battered spouse
would you be more apt to seek help on the net
through anon posts, or would you like your name
to appear where the world (including the abusive
partner) could see it.

MS is bad software but...

[dclydew]

I doubt that an NSA backdoor would be called NSAKEY. More likely it would be called sol.exe hehehe:-)

Re:Ummm.... No, it's not, or it is

[Velox_SwiftFox]

It seems to have become the vernacular for the monitoring techniques as well. In any case you can download "anti-Tempest fonts" to make the monitoring harder from the site linked to in the previous comment.

And also on CNN, now

[Kythe]

URL: http://www.cnn.com/TECH/comp uting/9909/03/windows.nsa/

Kythe
(Remove "x"'s from

Re:This is nutz!

[Adam+Knapp]

I'm not quite sure how you propose to vote out the people in the NSA, seeing as how they are not elected it would be relatively difficult. Also, since Congress discusses such things as "National Security" in private figuring out who not to vote for is difficult let alone who you actually should vote for.

That's just being lazy

If you don't know and don't care to find out what the three lines mean then why the hell are you even worring about how secure your os is?? What are you going to do trust someone??? Yeah, and like 1000's of other people you get burnt just like them. If I can't see the code, I won't use it on my servers.

Re:I don't think it's for spying on people

[Vudu+Child]

Suppose all this is true, and I have no reason to doubt that it is, as you pointed out in your last sentence there is still an NSA key installed by default in the Microsoft OS's and thus available for any other use. If one is sufficiently paranoid one should replace that key.

Earlier in the year a paper was published on the vulnerability of keys, because of their entropy, to a brute force search of the hard drive by a virus. I now think that I might want such a tool to see what keys are installed on my system. Anyone heard of such a tool being written?

Re:Well, this is another argument for getting sour

[Danse]

As I get older, I keep wondering what motivated our parents' generation to screw things up as badly as they did.

Same things that always screw things up. Greed, arrogance, paranoia, and fear.

So NSA also needs another trapdoor.

[Ungrounded+Lightning]

It DOES allow the holder to install additional
security services into MS's security framework. But the holder has to have access to your
machine to do that.

So that means they also need a trapdoor that lets them run on the machine, but once they have it they can use this trapdoor to hack your security modules.

This trapdoor is where it was easily findable because that's where the code prety much had to be in order to augment the security install checking. But how do you know the other one isn't in there somewhere?

Re:Security hole? Really??

[Zigurd]

True, but it's still an exploitable feature. The feature was designed to ensure only trusted and legal crypto providers could be installed. If the provider can be installed, then it can be trusted as far as Microsoft's vetting process can be trusted. The fact that another signer can sign without you knowing makes it possible to fool you into thinking that you are loading a kosher crypto provider when you are not.

The stated purpose is probably the original designed purpose, but that does not take away from the fact this is an exploitable feature.

oh, you most certainly can...

[xeno]

Funny, that -- at the SANS seminar on cyberterrorism in Seattle this week Alan demo'd just what you suggest -- a real-life picture of a startled-looking young man taken with his own webcam by a cracker using NetBus. His girlfriend is on the bed in the background, with both video & sound broadcast to the world. According to SANS, 60-70% of NT-based ISPs in the US have a serious NetBus infestation.

Go search for NetBus. Or BO. You chuckle. Someone else watches. And if you don't think it'll happen to you, you should look at my home router logs (on an unadvertised ip).

Re:The Microsoft Reaction

[iabervon]

The thing that makes this flaw interesting is that, unlike their other flaws, it is not in the code which protects the user from other people, it's in the code that protects Windows itself from users. The hole has an effect similar to breaking copy protection, except that instead of letting the cracker copy the program, it lets them install additional cryptographic software. This ability is considered really bad by the government, and software which has it may not, in general, be exported.

Usually it's just customers who are affected by MS security holes, and MS doesn't have to care about customers. But in this case, it's the government that's affected, and MS does have to care. I expect a major press release and a fix pretty soon.

The simplest would be to require the keys to be signed by MS, so random people can't just swap them.

2nd of april?

[flok]

So, like the 3d of September is now the second "fools-day"?
---------------------------------
F.J.J. van Heusden
Mobile: +31-6-22390057
e-mail: flok99@dds.nl
---------------------------------

Re:Stop being so paranoid!

[Deimos_]

Damn all those exclamation points ;) Anyway, what you said is very true, and I think I might have found a way around having any of that BS. I'd like people to check it out and see if its legitamate before I make a move. I want my constitutional rights damnit and their not being supplied! I want Life, Liberty, and the Pursuit of happiness (my happiness is total and complete privacy, plus alot of other things which are 'against the law'. you can shove it if you think its impossible)

The company is called 'Freedom Bound'

I've been thinking about using their services to cancel my social security contract with the government under the basis that when I signed it (with my footprint, or whatnot) I was not aware of the full implications of the contract and therefor by law it is void and an act of fraud. There are also a few other contracts which I would like to have canceled. For chrissakes! I was less than 2 days old when I got 'signed' my social security contract, there was NO way I could know what I was getting into. I've already berated my parents for signing it, but it wasn't really their fault either because they didn't know as well.

What it sounds like, when you are not bound by the social security contract, you (obviously) don't have a ssn, don't have to have social security, or really any tax taken out of your pay check, don't have to answer to the IRS at all (I might be wrong on this one, refer to the link I supplied for more accurate information). You are not required to register your vehichle, have insurance on it, or have drivers license, because you are no longer a driver, but you are a traveler. As a traveler, you don't have to follow traffic laws and state and local cops have no jurisdiction over you. (I'd still stop at redlights and go the speed limit, crashing into another car isn't that fun)

Someone tell me I'm smoking crack or completely right. Please help, I need more opinions on this company before I commit $850 to them. It sounds too good to be true.

-=Deimos=-

Re:Come on kiddies....the NSA is MUCH smarter than

[Kythe]

The NSA is made up of humans. Granted, humans with little oversight, but they're hardly infallible. As we all know, neither is Microsoft.

Real or not, I think this deserves a serious, deep investigation, since this "feature" is evidently found both in domestic and foreign copies of Windows NT.

Kythe
(Remove "x"'s from

the only sure way to prevent security leaks in win

[rumba]

...is to never store anything you don't want corrupted on the drive and to reformat it every month or so and install a fresh copy of the OS. this will also close up memory leaks and put back all the .dlls that got "updated" and now cause your machine to crash every 10 min or so. it will also get rid of all the copies of back orifice that those nasty activeX hackerz slipped you when you went to the porn/serialz site "accidently." i just look at it as preventative maintenance.

win98 guru

Re:screw the nsakey, who owns the third key?

[flatrbbt]

Cool. Thanks for the url.
It certainly seems strange that the people writing the code would not know where the code came from.
I think they are lying sacks of shit.
please excuse my language,

I don't think it's for spying on people

Having used the CryptoAPI for about a year, and having been forced to get Microsoft to sign a CSP (Crypto Service Provider) for me, what it REALLY appears that the _NSAKEY value is for is this: Microsoft wanted to make sure it didn't violate US export law. They asked the US government, which replied, "Make sure that the CryptoAPI doesn't load unapproved cryptographic modules." Microsoft did this by requiring CSP developers to send the DLL to them (you can opt to send just the hash) along with a document stating whether the CSP was exportable or not. Then, someone in the government said, "Well, we want to be able to use our own CSPs in Windows without having to send them to Microsoft." They got Microsoft to add a second DLL verification check using a separate RSA key. For those who don't know, CSPs are DLLs that provide key and certificate management, hashing, and encryption/decryption services to applications. There is a small API of functions that they support. If some boogeyman wanted to spy on you through one, that means that someone would have to get that code onto your machine first, then register it (it's in the Registry under Software/Microsoft/Cryptography/Defaults/Providers ). This still leaves open the possibility that the verification code is being used to verify something else other than a CSP, but that hasn't been shown yet.

Re:Peer review

[Jonny+Royale]

If it was presented in a rump session, it should be on the Rump Session schedule, shouldn't it? I don't see it...unless that "Bill Gates' Private Key" part is it...

Security hole? Really??

Ehm, did anyone actually read the press release?

As far as I can tell, a competitor to Microsoft discovered the following:

* There is not one, but two keys that are used for the verification of CSP modules;
* This key is called 'NSAKEY' in the debug info for some NT4/SP5 executables.

The best you can say is that "this raises questions". It could be a "back door", but certainly no "security hole": the ability to install CSPs on a system doesn't give you a whole lot except the ability to PROVIDE AN ALTERNATIVE METHOD to encrypt/decrypt data. In other words: no existing encrypted data is compromised, and an application has to specify it WANTS to use the new CSP.

Of course it's more fun to start paranoid rants agains "M$" right away, but even for the most fanatic Microsoft-sceptic, it should be clear that:

1. The information is provided by a Microsoft competitor, and very sketchy at that;
2. It doesn't conclusively PROVE anything: just hint at certain vulnerabilities;
3. If the 'back door' indeed exists, its exploit potential is minimal.

Whatever.

Re:Security hole? Really??

[jovlinger]

So what about this attack:
NSA writes a new DES provider that in addition to performing DES, also emails them all keys used (or something more subtle, but you get the idea). Now sign it with NSA private key, and overwrite the old dll with the compromised one. The previous one was signed by MS, this one by NSA, but both have valid signatures. When an application asks for DES encyption, the compromised one is successfully loaded.

What am I missing?

A lot of assumption are made here

[javatips]

It seems that a lot of people are blinded by theyre Microsoft hate. (note that I don't like them very much either) It seems that to asume that because some symbol have NSA in it, it refer to The NSA, one must have a lot of paranoia. I don't say that this has nothing to do with the NSA. But we should not forget that maybe it's for other purpose than for the NSA use. It could be (any reasonnable person will akcknoledge the possibility) that the symbol name with NSA it it is a pure coincidence. I don't refute the accusation, I just want to raise a point that Microsoft WILL raise when they will defend themself of the allegations. SeeU!

Final straw.

[Any_doom?_a_cow_runs]

Hereforto, from now on, only open source crap for me.

I don't care if I have to stop playing halflife, byebye MS stuff.

Byebye anything from pretty much any company. Trust no one for real.

If I can't get a supergeek to tell me the code is 1) legit 2) fairly secure and 3) hasn't been fucked with by spooks then 4) It goeth the way of ye dinosaurs on my HD. Since, gee, pretty much only some *nix variants have a shits chance in hell of passing those 3 (by way of being able to see the code in the first place) thats all I'll use.



Anonymous Coward, get it? :)

Re:Misunderstanding

[flatrbbt]

Yes, I understand that this in itself does not allow access. It does however, completely compromise the security model of the system by allowing unauthorized services to be installed without knowledge of the sysadmin, which is completely unacceptable.

Alleged DES Backdoor by NSA

[Enoch+Root]

As promised, here is the passage from Applied Cryptography by Bruce Schneier that deals with NSA's tampering of the S-boxes. This is from the second edition, pp. 284-285:

In addition of being accused of reducing the key length, NSA was also accused of modifying the contents of the S-boxes. When pressed for design justification for the S-boxes, the NSA indicated that elements of the algorithm's design were "sensitive" and would not be made public. Many cryptographers were concerned that the NSA-designed S-boxes hid a trapdoor, making it possible for them to easily cryptanalyze the algorithm.

Since then, considerable effort has gone into analyzing the design and operation of the S-boxes. In the mid-1970s, Lexar Corporation and Bell Laboratories examined the operation of the S-boxes. Neither analysis revealed any weaknesses, although both found inexplicable features. The S-boxes had more features in common with a linear transformation than one would expect if they were chosen at random. The Bell Laboratories team stated that the S-boxes may have hidden trapdoors, and the Lexar report concluded with:

Structures have been found in DES that were undoubtly inserted to strenghten the system against certain types of attack. Structures have also been found that appear to weaken the system.

On the other hand, this report also warned:

...the problem [of the search for structure in the S-boxes] is complicated by the ability of the human mind to find apparent structure in random data, which is really not structure at all.

[...]Various oddities about the S-boxes appeared in the literature. The last three output bits of the fourth S-box can be derived in the same way as the first by complementing some of the input bits. Two different, but carefully chosen, inputs to S-boxes can produce the same output. It is possible to obtain the same output of a sigle DES round by changing bits in only three neighboring S-boxes. Shamir noticed that the S-boxes entries appeared to be somewhat imbalanced, but wasn't about to turn that imbalance into an attack. [He mentioned a feature of the fifth S-box, but it took another eight years before linear cryptanalysis exploited that feature.] Other researchers showed that publicly known design principles could be used to generate S-boxes with the observed characteristics.

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

UUNet DNS Servers it appears

[abcess]

These both appear to be UUNet DNS servers, atleast according to ARIN whois. 198.6.1.162 is listed as one of the DNS servers for reverse mapping for 198.6.0.0 - 198.6.255.255 as is 198.6.1.83, as for 198.6.1.82 it is listed as a host with ARIN and is listed as one of the name servers responsible for reverse mapping for the same address block when you use nslookup, which means it is likely used for the same purposes.

Now, it is highly unlikely that the NSA or anyone else would be doing anything else from these servers, they're probably kept decently busy doing DNS stuff, besides, they're mission critical boxes for UUNet. This doesn't mean that the IPs aren't being spoofed though.

It seems to me that it's improbable that this would be the info to look for, though it is certainly possible. 198.6.1.82 and 198.6.1.83 seem to be located in Fairfax, VA, so who knows....there's all sorts of possibilites

Re:UUNet DNS Servers it appears

[The+Future+Sound+of]

I think you'd have to use the one that handles .gov addresses, such as:

http://www.nic.gov/cgi-bin/whois?s=nsa.gov

Surprised?

[joq]

No one should be surprised about this backdoor left open to the NSA. Has everyone forgotten that the NSA snoops all things transmitted in the entire world?

Or has everyone actually forgotten the other agencies in cahoots with the NSA to provide unsecure data transmissions in every shape form or fashion worldwide?

Everyone can cry foul all they want but the sad reality is there is nothing anyone can do no matter how hippiesh you think your going to get about the matter.

Hippiesh == reversion back into the 60's type radical fighting for a /dev/null cause

The NSA should not be taken lightly in the Linux community to those who aren't familiar to programming and coding, since anyone can backdoor scripts and bineries to have information mirrored to another destination.

Its a sad crying shame but its part of the worldy balance of good and evil no matter how cheezy it may sound.

What if there were no NSA, or FBI? How chaotic would things be, no matter how you think of it. Things would be in a sad state worldwide. I in no way agree with the methods, and I highly doubt someone at the NSA would randomly pick someone to "monitor."

So unless you're doing something highly illegal why even bother pissing a bitch and flying off the rocker? While it is unethical it's the NSA... They're bound to snoop things one way or the other so the best way to handle the situation is to go on with life...

Microsoft Denies Story

[Froomkin]

Wired reports MS's denial at http://www.wired.com/news/news/technology/story/21 577.html. They say the key is only used to verify compliance with US export control laws.

A. Michael Froomkin,
U. Miami School of Law,POB 248087
Coral Gables, FL 33124,USA

Re:Microsoft Denies Story

[jafac]

"Wired reports MS's denial at http://www.wired.com/news/news/technology/story/21 577.html. They
say the key is only used to verify compliance with US export control laws."

well then, it looks like the NSA in "NSAKEY" DOES stand for "No Such Agency".
Not a joke, and not an acronym for "Network Service Address" (or whatever).

So, how likely then is MS's explanation to be true - if the worst that is suspected (MS-NSA collusion) is true?

"The number of suckers born each minute doubles every 18 months."

Free Get Out Of Jail Card

[Zaxo]

If you're being prosecuted on evidence found in your computer.

Or somebody else's for that matter.

Zax -- Not A Lawyer.

Re:Then what the hell is this?!!?

[madprof]

I'm neither laughing nor crying. Just wondering why on earth you've said this.
Neither turned up in server logs from what I have seen.
Maybe the NSA are pretending to be AOLers? :-)

Duh!

The NSA just plain doesn't need a back door into windows security. Did everyone miss the post about RSA-155 being cracked in three months in secret...? How about Shamir's "twinkle" system? Do you really think the NSA has the type of budget problems that have prevented Shamir from building his system (which he claims would cost a mere $250,000 on first run) And do you think they'd have a hard time mustering the computing power to crack RSA-155 in less than three months? Think about this... who is SGI/Cray's bigggest customer (of super computers)? Drumroll please! The United States Government. Face it. If you want to keep a secret, its better not ever go across a wire, airwave or hit magnetic medium.

-E

maybe it is part of a backdoor...

[dermond]

being able to replace the crypto api could be a part. a person who is able to install a module in the crypto api has a full power over the computer anyway.. most important and interesting information one would want to intercept would be passed through the crypto api and if one has a convenient way to repace that modules. this could be part of a backdoor....

dermond.

Shocking

[chuck]

I assume it's not the same people in this discussion that were slamming Roblimo for posting or believing something with no evidence. Clearly Microsoft has provided themself with a backdoor to everyone's system. Officially, it is so that Microsoft can upgrade the CryptoAPI security on Windows. I find it shocking that no comment I have seen yet identifies a problem with this. This is supposed to be security? Then, there is a second key. What is it for? We don't know, but because it is called NSAKEY, suddenly this is a government conspiracy? Well I have got news for you:

I am the NSA, and I am watching you

Okay, did you believe that? If you did, go and have a lie down, because your brain isn't well rested. Any moron can use the letters N, S, and A. Perhaps it is ``Nominal Secondary Access.'' The point is, you have no clue. There is no evidence that the real NSA is involved. Why don't we stick to Microsoft bashing?

Re:FAKE?

[Jonny+Royale]

I downloaded the file offered to replace the original Key Provider...get it, and look in the TestReplacement.cpp file for the registry key they're hitting.
While I'm at it, why isn't the source for this patch provided? They only provide the source for testing the patch...hmmmm...

Stealth Operation?

[RISCy+Business]

I've got one NT box that I work on, a workstation..

NT 4 Workstation SP4 Build 1381.

I can't find the key. Applying the patch doesn't work. I can't install SP5 (CiscoWorks won't install then.) and going through the registry with REGEDIT.EXE doesn't show the registry entry mentioned.

So I'm inclined to believe that either it's not in SP4, or Microsoft has hidden it REALLY well. Applying the patch as instructed, even using the binary executable that you can download, does nothing. And a test against it fails. Yet I can still log on, so the registry cryptography keys must be intact.

This is scary. And a good reason to ban Windows from your office.

-RISCy Business | Rabid System Administrator and BOFH

Re:Stealth Operation?

[jafac]

grep "NSAKEY" msnt128.exe

...
nothing.

Not in MY SP5. . .

"The number of suckers born each minute doubles every 18 months."

Three words!

[Slur]

Network Security Administrator
Yeah, I'm a Mac programmer. You got a problem with that?

screw the nsakey, who owns the third key?

[flatrbbt]

Why is there a third public key for some "unknown"?

When I purchased NT for my company, I did so under the "assumption" that the 128bit security had 1 and only 1 public key. It was an ignorant assumption, I admit...

I can understand MS being pressured into providing a second key for the nsa, but who is the 3rd key for? microsoft?

I have now removed ALL MS products from ALL machines on these premises. linux/freebsd will now be installed... until then, we will make do with 3x5 index cards.

I have also spent the entire morning on the phone to my customers reccomending they do the same.
There is no excuse for a security hole such as this in a "secure" software package.

If you have a registered copy of 95/98/NT, delete it, and write MS and let them know how you feel about it.

I personally hope the rotten bastards, each and every one of them, rot in hell.

If there is no source code, Do NOT install it.

Not FAKE, just looking in the wrong place.

[darsal]

Umm, these aren't REG keys. They're labels for offsets in a DLL. The words don't appear in the DLL either, but because of the NT4SP5 patch they were "leaked".

Almost, but not quite.

[wahay]

It's not illegal for them to have a key. It's illegal for them to use a key. Prove that they've done it, and you could probably close them down, but how do you prove that?

Right.....

[Patman]

I dunno about the rest of you, but this sounds REAL fishy to me. Not the screwed-up crypto - I don't doubt that. But the NSA? I don't frigging think so. First of all, this guy has zero proof that NSA is involved at all - his only "proof" is the name of one key in one subsystem of the windows operating code, and the fact that that uses the three letter term NSA. I doubt that the NSA would have such a blatantly named key in there. Second, what would be the NSA's benefit in getting MS to do this for them? Seems a little strange, doesn't it? Finally, this strikes me like this guy is jumping on the government paranoia bandwagon for publicity's sake. I don't think this would be a huge story if he just said "There's a crypto problem in Windows systems".

But it *IS* a major security problem

Under *any* circumstances, this would be considered a bone-headed mistake on the part of Microsoft-- even if the NSA wanted it only for legit purposes.

Why? Because it destroys credibility. If Microsoft is going to make this sort of adjustment, Microsoft needs to make it clear to the user that he or she is using something that wasn't signed by Microsoft, rather than just keeping the user ignorant of the fact.

If the NSA has to make modifications like that for internal use, then Microsoft needs to make a version specifically for the NSA, and not incorporate the modifications directly into their shipping product. That's good security practice, no matter how you slice it.

Also, if the software were for internal use by the NSA, then the major point is this: The NSA would want some reassurance that the crypto libs were the in-house versions, not Microsoft's. So the NSA would probably have insisted that the computer perform some sort of notification when the in-house libs were loaded.

In summary, you are technically correct that it is *not* a backdoor, strictly speaking. It's simply a *HUGE* security flaw that makes it orders of magnitude easier for ther right person to install a backdoor, and happens to be there for the benefit of the NSA.

CryptoAPI doc's

[Norman+Lorrain]

Here for doc's.

Already reported in April CryptoGram

[XNormal]

In the April CryptoGram Bruce Schneier writes about the threat of viruses and trojans modifying verification keys:

Microsoft had the foresight to include two root-level Authenticode certificates, presumably for if one ever gets compromised. But the software is designed to authenticate code if even one checks out. So a virus can replace the authenticode spare certificate. Now rogue software signed with this rogue certificate verifies as valid, and real software signed by valid Microsoft-approved companies still checks out as valid.

The wrong assumption is that is is a result of Microsoft foresight - the leaked debug symbols reveals the second key to be an NSA key. The analysis about being able to replace one either voluntarily or maliciously is still correct.

Sounds like a coincidence to me...

[slykens]

Its kinda crazy that we assume that because the key is named NSAKEY that it belongs to our beloved NSA. Would the NSA really trust Microsoft to make sure no one finds out about it? Come on, they've got to be smarter than that. If they did, why would they allow their infamous initials to appear in it. I would think if the NSA had anything to do with it that they would have been the ones to test it and ensure that it wouldn't be detectable. I'm not saying that it isn't possible, just a little hard to fathom that the NSA would allow such a blatent reference to themselves.

Re:Sounds like a coincidence to me...

[Borealis]

My understanding of the article is that they never intended to release the symbolic information that identified the key as NSAKEY. As such, perhaps the "accidental" release of that info is actual some MS person with a conscience attempting to let the cat out of the bag....

domestic vs. foreign

[Bananenrepublik]

Shouldnt that read "found in domestic and foreign copies". I think national security of the US is much less related to spying on other countries than on spying on themselves (remember Colorado High School Massacre?). Oh, and Im much more worried if the NSA spys on me than if they spy on you :)

Nazi's, Hitler, Nukes, etc.

[cr0sh]

I have a book call "Vengence" or something, basically about the Nazi V weapon program and the nuclear implications (many of the bunkers and such look so much like "modern" bunkers that it is scary!) - and basically comes away with that Hitler was going after some sort of spent uranium system.

In other words, rather than a bomb, toward the end of the war he was planning on hurling radioactive waste on board V2's at Britain. IMHO, I think this would actually have been more effective in the long run (though the normal fear/morality hit of a real thermonuclear weapon would have been preferred - from a war standpoint), by causing long term illness, etc. with no way to "cure" it (ok, there was some ways, but not very effective ones). Of course, it would have ruined the areas hit for future Nazi habitation...

As far a "nuking" a far away place (like the USA), Hitler also had plans for a modified dual-stage style V2 - putting a man in the nose (for guidance), and sending him into a suborbital flight - skipping off of the upper layers of atmosphere, until he was across the ocean, then he could "fly" in (drop, is more the word) to hit the coast. I can't remember what the thing was called (Antipodal Bomber rings in my head) - and I have come by very little info on it...

Not in my edition.

[Paul+Crowley]

I don't see any suggestion of purposeful weakening of DES in any way in my edition of AC, except for the small keyspace. Nothing would really shed the doubt of which you speak, but certainly all the evidence points the other way.

The AES is being selected to replace DES because:
* DES's keyspace is too small
* DES's block size is too small
* DES is too slow, especially in software.

--

Check this site out...

[castle]

...For more stunning examples of conspiracy.

Re:Check this site out...

[castle]

oops!
www.infowars.com

Re:Well, this is another argument for getting sour

You have no idea, my friend, you have no idea.

I returned to the private workforce last year aften ten years with a government entity that I cannot list on my resume. I have a cover (State) and some canned recommendations. I learned AIX while I was working for the government, and then discovered Solaris, which I like a lot. This got me a job last year without too many questions.

You have no idea how bad it has gotten. Let me fill you in:

1. Quotas: they are set in (a place in Virginia) and not in the country itself. So, a posting in some countries (Denmark or Finland) where a)no one really likes or dislikes the US - they could care less and have no real interest in providing information and b)there is just not a lot happening (we are not, for instance, likely to be invaded by Belgium any time soon) is the kiss of death to your carreer because there is no real way to make quota. Unless (and this is key), you fake it. If you have ethics, essentially, fully half of all of the postings by quantity require you to commit treason (by compromising national security by falsifying any and all contacts and records) or treat it as dead time for your future. This is the neat part -- everyone knows the system is horribly broken and every senior person there winks at the violations. Why? Whey did it themselves. Shades of grinding back at West Point (cheating, for those who didn't attend a service academy, is called grinding, and almost everyone does it).
2. Reviews: this has nothing to do with your actual performance in most cases. The station chief doesn't do them -- your immediate boss does. And, just like high school, there is a pecking order and no real control outside of that. Date a secretary that your boss is interested in, your ass is grass. I didn't, but watched someone get transferred into a carreer-ending position for that, with the suggestion in his records that he was compromising security by dating nationals. There is no meritocracy there anymore.
3. Disregard for security: this happened all the time. People would take home AND MISPLACE TS and worse. We had a person leave his briefcase in a bar. We are lucky that the bartender found it. It had detailed response plans for repelling any c/b/r attacks from a country that I can't name, but if you saw it on a map, would look an awful lot like Iraq. This was serious. It was ignored. And then there are the drinking and drug problems, mostly drinking.
4. Security: They do not get you a house at the far end of a one way street anymore. You are lucky if they try to keep your cover secret. They won't help you move in, so everyone knows that you are coming in from DC or VA someplace. They won't pay for a damned thing (not salary, which is very low, but things like furnishing a house or flat as if you really were an American marketing exec). And your family is at tremendouw risk if you take them, as a result. This was one of the main reasons I left. I spoke Spanish, I was not going to get another European posting, had studied Latin America, and had done briefings on narcoterrorism for a number of people, for a number or years. I looked at the house that they had picked out for me in Bogota -- on a busy street, with a wide alley, with overlooking apartment buildings in line-of-sight, in a neighborhood with access from FIVE directions. They couldn't have done worse if they tried. There was no way in hell that I was taking my pregnant wife there, and she felt the same way. So we both quit.

Bitter? Yes, very. But not at the concept, just the execution. At this point, we need to start over.

A thought on MS software

[phobos.net]

You'll probably find this paranoid, but remember the basic premise in the film 'hackers'? One company supplying security software for the world, and it had a backdoor?
Now, just imagine that such a thing had happened to Windows. You can transmit whatever you want out from the system every time it browses the web, because no firewall will check what's actually extra in, for example, a URL (as one method for getting data out) as it's outbound, not inbound. What a fine facility for US industrial espionage!

Just toy with the idea. If you start thinking about the implications you could end up rather worried ...
In that light frequent security failures are so much easier to explain.

If you don't think this stuff happens, maybe you ought to find out what the Swedish Government discovered in Lotus Notes a few years back. That was probably accidental, but who knows for sure?

Killing Sales Overseas

[llywrch]

>I also find it pretty pathetic that the NSA would need to contact Microsoft and implement a backdoor to access NT.

No, what is pathetic is that over a hundred sovereign countries now have a good reason to stop buying MS software.

Fer instance, let's say you are a clerk in the UK Foreign Office, & your job is to type memos about Top Secret stuff. And someone in MI-5 discovers that your computer has been talking to one in Virginia at a suspected NSA site. Over an allegedly secure TCPIP network.

How many pairs of underwear will be soiled in this scenario:

1) The clerks?
2) The clerk's supervisor?
3) The sysadmin for the network?
4) The local MS salesdroid?
5) All of the above?


And for extra credit, s/UK Foreign Office/Chinese Foreign Ministry/ & s/pairs of underwear will be soiled/people will be executed/ ?


Geoff

All of the above

[malx]

A joke, a cock-up, and not the only flaw.

Let's face it, if you were the MS programmer told to insert an NSA key (and had no choice), would you make an effort to disguise it when the order came from so far higher up they'd never even see the debug symbols?

Re:Well, this is another argument for getting sour

[raph]

You're not taking into account that said nameless spy agency is too incompetent to track this kind of thing down :)

It's very easy to imagine that enough of the detailed facts have changed to protect the, uhm, err, ok.

But the post itself has the "ring of truth" to me.

No real fix...

[Remus+Shepherd]

From reading the details, they suggest removing the NSA backdoor by changing the NSA key but leaving the MS service key intact. Uh, this isn't much of a fix. If MS collaborated with the NSA enough to put a backdoor in there, they'd certainly be willing to provide their service key if the NSA found a machine they couldn't compromise. It sounds to me as if Windows cannot be made secure.

Re:Isn't this illegal?

[behrman]

IIRC the law prohibits the CIA from operating domestically, however, the NSA's job is SIGINT of domestic and foreign sources.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Running screaming to Linux?

[matt_king]

Sorry to be a "Me too", but I have to agree with the above comment. I am a gamer above all else, and right now Linux just doesn't have the games I want to play. Quake3Test is fine, and so Is Civ:CTP, but we need more than that.

Re:This is nutz!

[Jimhotep]

vote them out

you can flush congress every two years
I call it "term limits"

How to remove (and detect) a Thomson Trojan

[Ungrounded+Lightning]

To remove a Thomson Trojan:

1) Write a program to lex and partially parse the language the compiler is written in, identifying the symbols and substituting a new set of its own creation, and writing the result.

2) Run this over all the source files of the compiler (including the preprocessor and any subroutine libraries - statically linked or loadable - that either uses), producing a new set of sources where "the names are changed to protect the innocent".

3) Build from these sources using the possibly contaminated compiler. Any Thompson Trojans in the compiler will be unable to recognize the modified signatures of the insertion points, and will thus fail to propagate.

4) Use the modified ("dragnet") compiler to build from the UNmodified sources, producing another clean version with the original names. Either this clean compiler, or the "dragnet" substitute, can be installed permanently.

5) If you want to determine whether any trojans were eliminated, you can compare the new clean object module to the original compiler. They should be identical unless compile times or pathnames get included in the object, in which case these should be the only difference. (You probably can't compare the Dragnet object to the original: Even if debugging symbols aren't included, the changed names may make symbol table hashing come out differently, resulting in subtle differences in the ordering of parts of the object module.)

If you're truly paranoid, don't confine yourself to the source path. Do a second program to modify the filenames in the makefiles (using care to properly deal with filenames that also must appear in string constants) and redo all the programs on the build path while making your "dragnet" build system (including make and any shells). Then use your "dragnet" version to rebuild the kernel and ALL the executables. This catches any hypothetical stuff that might be hidden in the linker, the filesystem, etc.

Re:Well, this is another argument for getting sour

[jafac]

I don't know about y'all, but ever since MSG, I haven't trusted any chemical known by an acronym.

"The number of suckers born each minute doubles every 18 months."

URL at Microsoft

[bafful]

Their press release is at http://www.microsoft .com/presspass/press/1999/sept99/rsapr.htm, FYI.

Re:Maybe patch w/ src requires program src.

[muwahaha]

I know very little about mucking around with
binaries, but perhaps it's difficult to provide
a patch in source code form to a program that
you don't have the source code for.

Alex.

Larry Ellison said it best when he said:

[jabber]

"There is not such thing as privacy. Get over it."

I'm with Jimhotep on this one..
If they wanna watch you, they'll watch you. They might be doing it right now. Be afraid - be very afraid.

We (they, they of the NSA) can count your shoelaces and read your newspaper from 100,000 feet up. That's orbital for chrissakes.

Bouncing a laser off of a window, and measuring the reflection allows very impressive eavesdropping.

Your driver's license has your current address on it. Ever wonder why? Did you have your baby foot-printed upon birth?

I've never seen it done, but I'm quite convinced that the patternt on your screen and the state of your CPU can be monitored in real time, from a quarter mile away.

Anyone out there care to comment on S.Q.I.D. technology? My understanding is a bit rusty - and as I understand, that's probably a good thing.

The kicker? There's nothing we can do about any of it.

Re:Infinity transmitter??

[rnt]

Hack-Tic (a dutch hacker magazine) published in 1992 an article about eavesdropping on telephones that are on-hook (unfortunately the article is written in dutch, but you're probably more interested in the schematics at the end of the article anyway).

I believe the technical term is high-frequency flooding, but IANAEE[0].

The phones on which the technique worked were in fact the older models that do use an actual physical switch. The vulnerable phones used a switch that contained several metal strips.

Basically it works like this: instead of a direct current the phone is fed a high-frequency alternating current. Because of the high frequency the contacts of the switch will act like a capacitor, allowing a current to run through the circuit. The microphone does work that way!
I have seen it work and I was impressed. Audioquality wasn't quite good, but the demonstration did something supposedly impossible so hi-fi audio wasn't important, the conversation in the room was intelligible.

(quite funny: the dutch telecom provider first denied it was possible, but soon started to sell kits to prevent eavesdropping using this technique)

On modern telephones this wouldn't work I guess, simply because the physical switch isn't the only thing inbetween the microphone and the phoneline (amplifiers, filters, whatever...).

I hope this helps...


[0] I am not an electrical engineer...

Can you say "jumping to conclusions"?

[Eddie+the+Jedi]

If all we have to go on is a debugging symbol called "NSAKEY", we've got jack sh*t. In the mind of a programmer, NSA could stand for anything.

--

Doubtful

[MenTaLguY]

"What the @#$% do those 3 lines of code do? Hrmmm, oh well, doesn't look like the section I was trying to find anyway . . ."

One thing you're forgetting -- generally when package maintainers (Linus, for instance) are reviewing a patch for inclusion in the distribution, they won't accept it unless they understand all the code involved.

If you tried something clever like spreading the changes across several patches, that wouldn't really work either.

[Judas] Here's my patch to fix the support for the /dev/blah device
[Maintainer] Hrm. I'll have a look.
...
[Maintainer] What's this little bit of code here do? I think you could probably shave a couple hundred instructions off here if you left it out, and it looks completely unnecessary.
[Judas] There's something screwy with the timing; that was the only way I could get it to work
[Maintainer] Hrm. That seems like a kind of awkward hack to me -- I'd like a solution I could understand better. I just replaced this with a delay loop -- I don't have the blah hardware myself though ... (to mailing list) Hey, could someone with blah hardware give this a try with my modification and see if it still works?
[Mailing List] Okay... it seems fine. In fact, one of us tried it without the delay loop, and there weren't any problems.
[Maintainer] (to Judas) I applied your patch; it seems to work fine without the bit of code though, so I just left that part out.
[Judas] Curses, foiled again!

As a modest package maintainer myself, I personally read every patch I get. Even if the patch author isn't malicious, the patch could still potentially fail in a catastrophic way due to a stupid logic error or invalid assumptions.

One thing that some people don't seem to understand about Open Source is that just because some Joe Schmoe produces some code doesn't mean that it'll end up in the official distribution.

It might be easy to read the code in the official distribution, and it might be easy to modify the code in your own copy, but it's nontrivial to quietly modify the official distribution. To submit a patch is to submit that patch to a lot of direct public scrutiny.

Berlin-- http://www.berlin-consortium.org

haha

[alehmann]

isn't this the textbook reason to avoid all proprietary software?

No, BEING done.

[cduffy]

A straight port of PGP to the Pilot is out, yes.

It's slow. It only supports RSA and IDEA. It's incompatible with GnuPG. Its frontend is lousy.

A GnuPG port, with far more algorithms and features, is being done.

Re:No, it's not a backdoor.

[cduffy]

And if you install a security service which automatically authenticates you...

Sorry. If there were a way someone could install new PAM modules on my machine, I'd be calling that a backdoor.

questions

[mcc]

what i want to know is, what DOES this mean? do we have the SLIGHTEST idea AT ALL what the "nsakey" symbol does? even if we accept for a second it's a backdoor for the nsa, what does that backdoor do? is it clear from the dissasembly? any NT admins here who might know details? i've seen at least three contradictory explanatons of what a key in the cryptoAPI means.

they seem to be saying the debugging stuff was left in in the NT service pack and that you could see the names of the variables used.. well hell, there ought to be all KINDS of interesting stuff in there. beyond the NSAKEY thing,seems like it would be fascinating to just thumb through the variable names and see whatall is there. or was it just the security parts and nothing else that had the debugging? is there really a function called CREATE_RANDOM_GENERAL_PROTECTION_FAULT()? (j/k)

has anyone yet gone ahead and run their program to hacksaw out NSA_KEY like they suggest you do? does NT still run? does anything break, suggesting maybe NSA stands for something other than National Security Agency? how do we know that cryptonym's program actually _does_ take out NSAKEY, and not just replace NSAKEY with a key to let cryptononym in your system? How do we know "cryptonym" is not just a front for a shadowy orginisation working to create a human-alien hybrid so they can have FEMA infect all human life with a strange black substance spread by bees which causes the carrier to decompose, becoming food for alien life form and setting off the alien colonisation of earth?

but anyway, whatever this NSAkey thing does, i say we immediately get RCA or RZA or distributed.net or whatever going on cracking it. :)

-mcc-baka
hey.. my mac may crash three times a day, but i have yet to hear about any security holes.

exploitation devices

[RoLlEr_CoAsTeR]

Relying on the obvious exploitation of a security hole to prove its existence is bad practice.
But is that not some of what (cr)hacker (I keep forgetting which word is correct) group(s) such as Cult of the Dead Cow and their Back Orifice 2000 are trying to do? I thought that was one of the excuses for their software; they were doing us all a favor by pointing out (and exploiting) security holes in other software.

Perhaps I am wrong; if so, let me know.