How NSA access was built into Windows
11-29-2012, 06:06 PM, (This post was last modified: 11-29-2012, 06:21 PM by BlackFerdy.)
#1
How NSA access was built into Windows
[I think someone should give this information a lot of visibility, here in this forum. Since I keep on finding people that, after all these years, still don't know about this... (If you people, that still use Windows nowadays - despite the availability of free and easy to install GNU/Linux distributions - think the data you're collecting on your computers is safe, think again...)]


http://www.heise.de/tp/artikel/5/5263/1.html


How NSA access was built into Windows

Duncan Campbell 04.09.1999

Careless mistake reveals subversion of Windows by NSA.


A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions. If you use Windows, you will find it in the C:\Windows\system directory of your computer.

ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run cryptographic functions that the US government allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.

Dr Nicko van Someren reported at last year's Crypto 98 conference that he had disassembled the ADVAPI driver. He found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with US export regulations. But the reason for building in a second key, or who owned it, remained a mystery.

A second key

Two weeks ago, a US security company came up with conclusive evidence that the second key belongs to NSA. Like Dr van Someren, Andrew Fernandes, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found that Microsoft's developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY". The other was called "NSAKEY".

Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to the "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny that the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge.

A third key?!

But according to two witnesses attending the conference, even Microsoft's top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMacchia, head of CAPI development at Microsoft, was "stunned" to learn of these discoveries by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the "entropy" of programming code.

Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.

Researchers are divided about whether the NSA key could be intended to let US government users of Windows run classified cryptosystems on their machines or whether it is intended to open up anyone's and everyone's Windows computer to intelligence gathering techniques deployed by NSA's burgeoning corps of "information warriors".

According to Fernandes of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards.

"For non-American IT managers relying on Windows NT to operate highly secure data centres, this find is worrying", he added. "The US government is currently making it as difficult as possible for "strong" crypto to be used outside of the US. That they have also installed a cryptographic back-door in the world's most abundant operating system should send a strong message to foreign IT managers".

"How is an IT manager to feel when they learn that in every copy of Windows sold, Microsoft has a 'back door' for NSA - making it orders of magnitude easier for the US government to access your computer?" he asked.

Can the loophole be turned round against the snoopers?

Dr van Someren feels that the primary purpose of the NSA key inside Windows may be for legitimate US government use. But he says that there cannot be a legitimate explanation for the third key in Windows 2000 CAPI. "It looks more fishy", he said.

Fernandes believes that NSA's built-in loophole can be turned round against the snoopers. The NSA key inside CAPI can be replaced by your own key, and used to sign cryptographic security modules from overseas or unauthorised third parties, unapproved by Microsoft or the NSA. This is exactly what the US government has been trying to prevent. A demonstration "how to do it" program that replaces the NSA key can be found on Cryptonym's website.

According to one leading US cryptographer, the IT world should be thankful that the subversion of Windows by NSA has come to light before the arrival of CPUs that handle encrypted instruction sets. These would make the type of discoveries made this month impossible. "Had the next-generation CPUs with encrypted instruction sets already been deployed, we would have never found out about NSAKEY."





http://www.computerworld.com/s/article/9141105/NSA_helped_with_Windows_7_development


NSA helped with Windows 7 development

Privacy expert voices 'backdoor' concerns, security researchers dismiss idea

By Gregg Keizer
November 18, 2009 04:09 PM ET


Computerworld - The National Security Agency (NSA) worked with Microsoft on the development of Windows 7, an agency official acknowledged yesterday during testimony before Congress.

"Working in partnership with Microsoft and elements of the Department of Defense, NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user to perform their everyday tasks, whether those tasks are being performed in the public or private sector," Richard Schaeffer, the NSA's information assurance director, told the Senate's Subcommittee on Terrorism and Homeland Security yesterday as part of a prepared statement.

"All this was done in coordination with the product release, not months or years later during the product lifecycle," Schaeffer added. "This will improve the adoption of security advice, as it can be implemented during installation and then later managed through the emerging SCAP standards."

Security Content Automation Protocol, or SCAP, is a set of standards for automating chores such as managing vulnerabilities and measuring security compliance. The National Institute of Standards and Technology (NIST) oversees the SCAP standards.

This is not the first time that the NSA has partnered with Microsoft during Windows development. In 2007, the agency confirmed that it had a hand in Windows Vista as part of an initiative to ensure that the operating system was secure from attack and would work with other government software. Before that, the NSA provided guidance on how best to secure Windows XP and Windows 2000.

According to Marc Rotenberg, the executive director of the Electronic Privacy Information Center (EPIC), the NSA's involvement with operating system development goes back even farther. "This battle goes back to at least the crypto wars of the early '90s," said Rotenberg, who remembered testifying about the agency's role in private sector computer security standards in 1989.

But when the NSA puts hands on Windows, that raises a red flag for Rotenberg, who heads the Washington, D.C.-based public interest research center. "When NSA offers to help the private sector on computer security, the obvious concern is that it will also build in backdoors that enable tracking users and intercepting user communications," Rotenberg said in an e-mail. "And private sector firms are reluctant to oppose these 'suggestions' since the US government is also their biggest customer and opposition to the NSA could mean the loss of sales."

Rotenberg's worries stem from the NSA's reputation as the intelligence agency best known for its eavesdropping of electronic messaging, including cell phone calls and e-mail.

Andrew Storms, the director of security operations at nCircle Security, didn't put much credence in the idea that Microsoft would allow the NSA to build a hidden entrance to Windows 7. "Would it be surprising to most people that there was a backdoor? No, not with the political agenda of prior administrations," said Storms. "My gut, though, tells me that Microsoft, as a business, would not want to do that, at least not in a secretive way."

Roger Thompson, chief research officer at AVG Technologies, agreed. "I can't imagine NSA and Microsoft would do anything deliberate because the repercussions would be enormous if they got caught," he said in an interview via instant messaging.

"Having said that, I think we should understand that there is every likelihood that certain foreign governments are constantly looking for vulnerabilities that they can use for targeted attacks," Thompson continued. "So if they're poking at us, I think it's reasonable to assume that we're doing something similar. But I seriously doubt an official NSA-Microsoft alliance."

The NSA's Schaeffer added that his agency is also working on engaging other major software makers, including Apple, Sun and Red Hat, on security standards for their products.

"More and more, we find that protecting national security systems demands teaming with public and private institutions to raise the information assurance level of products and services more broadly," Schaeffer said.

Microsoft was not immediately available for comment on the NSA's participation in Windows 7's development.






A discussion about the first article, and some other important information, regarding computer privacy, here: http://forum.prisonplanet.com/index.php?topic=101456.msg603838#msg603838
Reply
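The first article in the post above says the keys were located with search methods that test and report on the "entropy" of code. As an added illustration (not from the article, the researchers' tooling or the forum post), here is a minimal sliding-window Shannon entropy scan in Python; the sample buffer, window size and threshold are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

WINDOW = 64      # bytes per window; the highest possible score is log2(64) = 6 bits
STEP = 16        # stride between window starts
THRESHOLD = 5.2  # assumed cut-off, tuned for the constructed sample below

def shannon_entropy(chunk: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte."""
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())

def high_entropy_regions(data: bytes, window=WINDOW, step=STEP, threshold=THRESHOLD):
    """Return merged (start, end) offsets of windows scoring >= threshold."""
    regions = []
    for off in range(0, len(data) - window + 1, step):
        if shannon_entropy(data[off:off + window]) < threshold:
            continue
        if regions and off <= regions[-1][1]:
            # Overlaps or touches the previous hit: extend that region.
            regions[-1] = (regions[-1][0], off + window)
        else:
            regions.append((off, off + window))
    return regions

def build_sample():
    """Constructed input: repetitive code-like bytes with a 128-byte
    pseudo-random blob (standing in for key material) at offset 512."""
    stub = bytes.fromhex("558bec83ec108b450850e800000000c3")  # 16 bytes
    code = stub * 64                                           # 1024 bytes
    blob = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(4))
    return code[:512] + blob + code[512:], 512, len(blob)

if __name__ == "__main__":
    data, blob_off, blob_len = build_sample()
    print("blob planted at", (blob_off, blob_off + blob_len))
    for start, end in high_entropy_regions(data):
        print(f"high-entropy region 0x{start:x}-0x{end:x}",
              f"({shannon_entropy(data[start:end]):.2f} bits/byte)")
```

Key material looks statistically random, while compiled code and data tables are far more repetitive, so the planted blob stands out as the only flagged region.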
11-29-2012, 06:36 PM,
#2
RE: How NSA access was built into Windows
Related Forum Threads:

NSA Creating Spy System to Monitor Domestic Infrastructure
http://concen.org/forum/thread-33834.html

Trojan Tech: Dell Ships Infected Motherboards; DARPA Combing Pentagon Hardware
http://concen.org/forum/thread-34274.html

Microsoft stops secretly tracking users' browsing habits
http://concen.org/forum/thread-42358.html

iPhone Tracks Users' Movements, Email, Photos, GPS Coordinates
http://concen.org/forum/thread-39459.html

NSA Helped Microsoft Build Vista
http://concen.org/forum/thread-24315.html

Windows XP A Bugging Device!
http://concen.org/forum/thread-17487.html

Windows is spyware
http://concen.org/forum/thread-15204.html

XP-AntiSpy Update 3.96-7 (The Most Useful Security Tool for Windows)
http://concen.org/forum/thread-11006.html

Microsoft: No NSA Backdoor in Windows 7
http://concen.org/forum/thread-30486.html
There are no others, there is only us.
http://FastTadpole.com/
Reply
11-29-2012, 06:38 PM,
#3
RE: How NSA access was built into Windows
Switch to linux :D
Reply

