MFS - The Other News: Windows operating system

Showing posts with label Windows operating system. Show all posts

Friday, August 23, 2013

Built-in backdoor: German govt warns of significant Windows 8 security danger.

Built-in backdoor: German govt warns of significant Windows 8 security danger.(RussiaToday).

Documents uncovered and leaked by German news outlet Zeit Online found that the German Ministry of Economic Affairs was displaying significant unease with the combined technologies, suggesting the possibility that a backdoor could be created for further covert NSA surveillance operations.

The backdoor in question would allow Microsoft to control the computer remotely. “Trusted Computing,” a method developed and promoted by the Trusted Computing Group, is nothing new - fears were being aired over its capabilities and potential as early its founding in 1999.

TPM appeared in 2006 as security technology. However, version 2.0 would implant a chip on every single PC, allowing it to control which programs could and couldn’t be executed because under Windows 8, there is no override. The users thus basically surrender control over their computers.

One of the documents retrieved by Zeit Online found that BSI stated that “unconditional, complete confidence” in Trusted Computing by stipulations of TPM 2.0 was not possible. Trusted Computing cultivated specifications for how the chip would work with operating systems.

Another document from early 2012 mourned the fact that “due to the loss of full sovereignty over the information technology, the security objectives of ‘confidentiality’ and ‘integrity’ can no longer be guaranteed.”

While not fully clear on the specifics, the documents appear to indicate that the NSA had some form of representation at the TCG meetings – during which German officials were also present - saying that they were in favor of leaving the technology in its existing state, without any changes being necessary. This suggests that the NSA does not see TPM 2.0 as hindering its operations.

A Snowden leak from July this year showed how Microsoft worked hand-in-hand with the United States government in order to allow federal investigators to bypass encryption mechanisms meant to protect the privacy of millions.

Penton’s Windows IT Pro trade publication pointed out that Zeit Online “seem[ed] to be using a bit of imagination to connect the dots and maybe the German government has other ideas.”

In a press statement released late Wednesday, the BSI insisted that “From the perspective of the BSI, the use of Windows 8 in combination with a TPM 2.0 is accompanied by a loss of control over the operating system and the hardware used.”

Related:

NSA has total access via Microsoft Windows.

How NSA access was built into Windows

Tuesday, June 25, 2013

NSA has total access via Microsoft Windows.

NSA has total access via Microsoft Windows.HT: WND.By F. Michael Maloof .

WASHINGTON – The National Security Agency has backdoor access to all Windows software since the release of Windows 95, according to informed sources, a development that follows the insistence by the agency and federal law enforcement for backdoor “keys” to any encryption, according to Joseph Farah’s G2 Bulletin.

Having such “keys” is essential for the export of any encryption under U.S. export control laws.
The NSA plays a prominent role in deliberations over whether such products can be exported. It routinely turns down any requests above a megabyte level that exceeds NSA’s technical capacity to decrypt it. That’s been the standard for years for NSA, as well as the departments of Defense, Commerce and State.
Computer security specialists say the Windows software driver used for security and encryption functions contains unusual features the give NSA the backdoor access.

The security specialists have identified the driver as ADVAPI.DLL. It enables and controls a variety of security functions. The specialists say that in Windows, it is located at C:\\Windows\system.

Specialist Nicko van Someren says the driver contains two different keys. One was used by Microsoft to control cryptographic functions in Windows while another initially remained a mystery.
Then, two weeks ago, a U.S. security firm concluded that the second key belonged to NSA. Analysis of the driver revealed that one was labeled KEY while the other was labeled NSAKEY, according to sources. The NSA key apparently had been built into the software by Microsoft, which Microsoft sources don’t deny.
This has allowed restricted access to Microsoft’s source code software that enables such programming.
Access to Windows source code is supposed to be highly compartmentalized, actually making such actions easier because many of the people working on the software wouldn’t see the access.
Such access to the encryption system of Windows can allow NSA to compromise a person’s entire operating system. The NSA keys are said to be contained inside all versions of Windows from Windows 95 OSR2 onwards.
Having a secret key inside the Windows operating system makes it “tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system,” according to Andrew Fernandez, chief scientist with Cryptonym Corporation of North Carolina.Read the full story here.

Related: How NSA access was built into Windows

Comments advice.

Visitors & commenters of this Blog are advised that they will be held responsible for any unlawful, harassing, libelous, abusive, threatening, or harmful material of any kind or nature posted by their respective ISP. Visitors are cautioned not to transmit via comments, including links to any material that encourages conduct that could constitute a criminal offense, give rise to civil liability, or otherwise violate any applicable local, state, national or international law or regulation. Comments here are typically unmoderated and unedited. The fact that particular comments remain on the site in no way constitutes the site owner's endorsement of commenters' views.

Fair Use Notice

This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: https://www.law.cornell.edu/copyright/copyright.act.chapt1b.html & http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.No infringement intended. This blog is for educational and information purposes only.