Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA backdoor creates security hole in Windows

Posted by ryuzaki0 on from the i-think-i-get-it dept.

A number of people have written in with the news that Cryptonym has found an apparent backdoor for the NSA (called NSAKEY) in all current versions of Windows. However, you can open this backdoor yourself and install your own strong cryto module in place of the built-in one. More details are also online, but to be quite frank, we aren't quite sure on this one-so, if you're more qualified comment, please do so below.Update: 09/03 11:19 by H :Thanks to Jens Hillman for more information from the German Chaos Computer Club. Der Webpage ist auf Deutsch-Babelfish it.

8 of 576 comments (clear)

  1. Some NSA backdoors are explicit by Paul+Crowley · · Score: 5
    First, this is being presented at Crypto '99, not Def Con Two. It's peer reveiewed, guys, it's pretty much bound to be legit.

    Second, every copy of Lotus Notes carries an explicit NSA backdoor, called the "Cryptographic Differential Work Factor". Essentially the point is that part of every secret key is encrypted with the NSA's public key, so where we would have to brute-force 128 bits to get in, they have to brute force only 40. So there's precedent; it's not as implausible as some people here seem to think. It may not be a back door in the simplistic way some people are thinking of, though.

    The algorithm the guy used to find the key is documented in Adi Shamir and Nicko van Somoeren's paper "Playing Hide and Seek with Stored Keys" - you can find a link to the paper here alongside my implementation of the technique described.
    --

    --
    Xenu loves you!
  2. Well, this is another argument for getting source. by Anonymous Coward · · Score: 4

    I really don't care about the licence, as long as I get the source. I would preferr GPL, but I want the source. I didn't used to feel that way, but as time has gone on I have changed my mind. The issue is less that the NSA is spying -- we need spies -- but that the whole national security apparatus of the US has ceased to be effective. CIA agents abroad have to meet quotas for recruiting foreign nationals. Not USEFUL foreign nationals, just somebody. They don't meet the quotas, they don't get good reviews. I have had friends who have worked for the NSA, and outside of a few areas, most of these people are carreer beaurocrats making their numbers. Like bosses who make up for management skill by saying that they will fire anyone 5 minutes late, the NSA is making up for the fact that most of the good spies left during the Bush Administration by compromising everyone, so that they can do their work without having to try hard. It doesn't have to be USEFUL work, just something to meet their quotas. The real issue here (well one issue, the other being the utility of having the source) is that we have let the goverment decay to the point where it is a danger to us.

  3. Comedy of errors by Enoch+Root · · Score: 4
    You know, at first I was outraged and shocked at this article. But now I can't help but smirk.

    No one figured out that backdoor until Microsoft forgot to remove the explicit name NSA_Key in NT 4 SP 5? What kind of joke is this? Or is it a programmer at Microsoft that's covertly working for the Open Source movement? :)

    I also find it pretty pathetic that the NSA would need to contact Microsoft and implement a backdoor to access NT. I sure know most crackers I know don't need a friggin' insider at MS to crack NT until it weeps.

    So I see three possibilities about this:

    It's a hoax of some sort, or a private joke by the NT programmers. It sure is working.

    It's a decoy. The NSA has a backdoor somewhere else, much less obvious, and this is meant to make us believe the NSA backdoor has been found. I mean, the alleged backdoor in DES is much more complex and subtle than multiplying my a fixed key when encrypting.

    It's true, and the NSA are truly pathetic, and their cryptanalysis talents are severely, severely overrated.

    I find the third option to be the most amusing. :)

    "There is no surer way to ruin a good discussion than to contaminate it with the facts."

  4. Wait just a second... by wanderingstar · · Score: 5

    Let's all just participate in a little reality check here, folks - just because something is named "NSA" it automatically means it has to do with the United States National Security Agency? As any Windows programmer can tell you, "LSA" in Microsoft parlance means "Local System Authority" - the subsystem that validates your logons. Why the heck shouldn't "NSA" stand for "Network System Authority"? And this is just one possibility... Geeze, the article offers ABSOLUTELY NO PROOF that the key named "NSA" stands for National Security Agency. Think before you fly off the handle.

  5. I don't think it's for spying on people by Anonymous Coward · · Score: 5

    Having used the CryptoAPI for about a year, and having been forced to get Microsoft to sign a CSP (Crypto Service Provider) for me, what it REALLY appears that the _NSAKEY value is for is this: Microsoft wanted to make sure it didn't violate US export law. They asked the US government, which replied, "Make sure that the CryptoAPI doesn't load unapproved cryptographic modules." Microsoft did this by requiring CSP developers to send the DLL to them (you can opt to send just the hash) along with a document stating whether the CSP was exportable or not. Then, someone in the government said, "Well, we want to be able to use our own CSPs in Windows without having to send them to Microsoft." They got Microsoft to add a second DLL verification check using a separate RSA key. For those who don't know, CSPs are DLLs that provide key and certificate management, hashing, and encryption/decryption services to applications. There is a small API of functions that they support. If some boogeyman wanted to spy on you through one, that means that someone would have to get that code onto your machine first, then register it (it's in the Registry under Software/Microsoft/Cryptography/Defaults/Providers ). This still leaves open the possibility that the verification code is being used to verify something else other than a CSP, but that hasn't been shown yet.

  6. Security hole? Really?? by Anonymous Coward · · Score: 4

    Ehm, did anyone actually read the press release?

    As far as I can tell, a competitor to Microsoft discovered the following:

    * There is not one, but two keys that are used for the verification of CSP modules;
    * This key is called 'NSAKEY' in the debug info for some NT4/SP5 executables.

    The best you can say is that "this raises questions". It could be a "back door", but certainly no "security hole": the ability to install CSPs on a system doesn't give you a whole lot except the ability to PROVIDE AN ALTERNATIVE METHOD to encrypt/decrypt data. In other words: no existing encrypted data is compromised, and an application has to specify it WANTS to use the new CSP.

    Of course it's more fun to start paranoid rants agains "M$" right away, but even for the most fanatic Microsoft-sceptic, it should be clear that:

    1. The information is provided by a Microsoft competitor, and very sketchy at that;
    2. It doesn't conclusively PROVE anything: just hint at certain vulnerabilities;
    3. If the 'back door' indeed exists, its exploit potential is minimal.

    Whatever.

  7. Re:Well, this is another argument for getting sour by Anonymous Coward · · Score: 5

    You have no idea, my friend, you have no idea.

    I returned to the private workforce last year aften ten years with a government entity that I cannot list on my resume. I have a cover (State) and some canned recommendations. I learned AIX while I was working for the government, and then discovered Solaris, which I like a lot. This got me a job last year without too many questions.

    You have no idea how bad it has gotten. Let me fill you in:

    1. Quotas: they are set in (a place in Virginia) and not in the country itself. So, a posting in some countries (Denmark or Finland) where a)no one really likes or dislikes the US - they could care less and have no real interest in providing information and b)there is just not a lot happening (we are not, for instance, likely to be invaded by Belgium any time soon) is the kiss of death to your carreer because there is no real way to make quota. Unless (and this is key), you fake it. If you have ethics, essentially, fully half of all of the postings by quantity require you to commit treason (by compromising national security by falsifying any and all contacts and records) or treat it as dead time for your future. This is the neat part -- everyone knows the system is horribly broken and every senior person there winks at the violations. Why? Whey did it themselves. Shades of grinding back at West Point (cheating, for those who didn't attend a service academy, is called grinding, and almost everyone does it).
    2. Reviews: this has nothing to do with your actual performance in most cases. The station chief doesn't do them -- your immediate boss does. And, just like high school, there is a pecking order and no real control outside of that. Date a secretary that your boss is interested in, your ass is grass. I didn't, but watched someone get transferred into a carreer-ending position for that, with the suggestion in his records that he was compromising security by dating nationals. There is no meritocracy there anymore.
    3. Disregard for security: this happened all the time. People would take home AND MISPLACE TS and worse. We had a person leave his briefcase in a bar. We are lucky that the bartender found it. It had detailed response plans for repelling any c/b/r attacks from a country that I can't name, but if you saw it on a map, would look an awful lot like Iraq. This was serious. It was ignored. And then there are the drinking and drug problems, mostly drinking.
    4. Security: They do not get you a house at the far end of a one way street anymore. You are lucky if they try to keep your cover secret. They won't help you move in, so everyone knows that you are coming in from DC or VA someplace. They won't pay for a damned thing (not salary, which is very low, but things like furnishing a house or flat as if you really were an American marketing exec). And your family is at tremendouw risk if you take them, as a result. This was one of the main reasons I left. I spoke Spanish, I was not going to get another European posting, had studied Latin America, and had done briefings on narcoterrorism for a number of people, for a number or years. I looked at the house that they had picked out for me in Bogota -- on a busy street, with a wide alley, with overlooking apartment buildings in line-of-sight, in a neighborhood with access from FIVE directions. They couldn't have done worse if they tried. There was no way in hell that I was taking my pregnant wife there, and she felt the same way. So we both quit.

    Bitter? Yes, very. But not at the concept, just the execution. At this point, we need to start over.

  8. Doubtful by MenTaLguY · · Score: 5

    "What the @#$% do those 3 lines of code do? Hrmmm, oh well, doesn't look like the section I was trying to find anyway . . ."

    One thing you're forgetting -- generally when package maintainers (Linus, for instance) are reviewing a patch for inclusion in the distribution, they won't accept it unless they understand all the code involved.

    If you tried something clever like spreading the changes across several patches, that wouldn't really work either.

    [Judas] Here's my patch to fix the support for the /dev/blah device
    [Maintainer] Hrm. I'll have a look.
    ...
    [Maintainer] What's this little bit of code here do? I think you could probably shave a couple hundred instructions off here if you left it out, and it looks completely unnecessary.
    [Judas] There's something screwy with the timing; that was the only way I could get it to work
    [Maintainer] Hrm. That seems like a kind of awkward hack to me -- I'd like a solution I could understand better. I just replaced this with a delay loop -- I don't have the blah hardware myself though ... (to mailing list) Hey, could someone with blah hardware give this a try with my modification and see if it still works?
    [Mailing List] Okay... it seems fine. In fact, one of us tried it without the delay loop, and there weren't any problems.
    [Maintainer] (to Judas) I applied your patch; it seems to work fine without the bit of code though, so I just left that part out.
    [Judas] Curses, foiled again!

    As a modest package maintainer myself, I personally read every patch I get. Even if the patch author isn't malicious, the patch could still potentially fail in a catastrophic way due to a stupid logic error or invalid assumptions.

    One thing that some people don't seem to understand about Open Source is that just because some Joe Schmoe produces some code doesn't mean that it'll end up in the official distribution.

    It might be easy to read the code in the official distribution, and it might be easy to modify the code in your own copy, but it's nontrivial to quietly modify the official distribution. To submit a patch is to submit that patch to a lot of direct public scrutiny.


    Berlin-- http://www.berlin-consortium.org
    --

    DNA just wants to be free...