Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

German Government Warns Windows 8 Is an Unacceptable Security Risk

timothy posted about a year ago | from the nicht-ganz-recht dept.

Windows 373

An anonymous reader writes "Die Zeit has access to leaked documents from the German government warning that Windows 8 is an unacceptable security risk for sensitive workloads. The story is written in German here, but automatic translators (such as Google Translate) do a readable job. Particularly of concern is the inability to opt out of TPM 2.0 usage."

cancel ×

373 comments

Sorry! There are no comments related to the filter you selected.

This is known (5, Funny)

ciderbrew (1860166) | about a year ago | (#44641381)

Windows has always been a Security Risk.
Danke.

Re:This is known (5, Insightful)

Anonymous Coward | about a year ago | (#44641457)

Except in the last few months we have had complete and utter proof we are no longer paranoid enough of U.S.A. intelligence agencies and their co-opting of U.S.A. companies to do their work for them.

At this point we can completely trust that Microsoft Windows is and will be used for industrial and governmental espionage activities by the U.S.A. intelligence agencies.

Oblig Blackadder quote (5, Funny)

Cryacin (657549) | about a year ago | (#44641859)

Have you seen any suspicious operating systems? Nein! I mean... 8!

Re:Oblig Blackadder quote (2)

smitty_one_each (243267) | about a year ago | (#44641881)

Only if you're ordering three shots at a bar in an Inglourious Basterds reference.

Re:Oblig Blackadder quote (0)

Anonymous Coward | about a year ago | (#44641909)

Classic Hogan's Heros Schultz vid: http://www.youtube.com/watch?v=UgcxGFmYyPs

Re:Oblig Blackadder quote (2)

interval1066 (668936) | about a year ago | (#44642331)

John Banner was a talent. Here he is in an MST3k production of "Crash of Moons [youtube.com] ".

The next time you call FauxNews Sensationalistic.. (-1, Troll)

Anonymous Coward | about a year ago | (#44641399)

Just remember that these idiot Germans are just as prone to overhype and sensationalism as anything you'll see on Faux News/PMSNBC/CNN/etc.

TPM 2.0 gives Microsoft and the NSA direct control of your computer? Fascinating! I'm sure the Chinese will love those free backdoors!

Re:The next time you call FauxNews Sensationalisti (4, Informative)

Sique (173459) | about a year ago | (#44641465)

If you actually had read the article, you would have seen that this is especially mentioned. Maybe the article is a little more insightful and balanced as you can imagine?

Windows is an option today - not an requirement (5, Insightful)

madsdyd (228464) | about a year ago | (#44641413)

Good thing alternatives exists.

I am not advocating they should "just change". I am just saying that on a personal level I am very happy that thrustworthy alternatives exists, and that Windows (no longer) is an requirement at the workplace or at home, but just an option.

Thank you, Stallman, Linus, and all you other people around the world, who have used your time to provide us with these alternatives.

And, yes, I know some people will claim that Windows is an requirement for the specific uses you have. I don't really care - for the wast majority of computing users around the world, Windows is an option, not an requirement. And, I am happy for that.

Re:Windows is an option today - not an requirement (2, Interesting)

Anonymous Coward | about a year ago | (#44641541)

It's telling that around here Stallman and Linus are mentioned before Richie and Thompson.

It's be like me thanking the Lougheads and forgetting Ader, Whitehead and the Wrights.

Typical misleading Slashdorks.

Re:Windows is an option today - not an requirement (3, Informative)

Anonymous Coward | about a year ago | (#44641831)

The license of Unix we use costs about $20,000 for the number of users we have.

Not practical for most people. Thank the people who make it practical. It's you who is wrong, not him.

Re: Windows is an option today - not an requiremen (0)

Anonymous Coward | about a year ago | (#44642255)

Because there could be no similair problems with an American closed source Unix?

Re:Windows is an option today - not an requirement (4, Interesting)

inking (2869053) | about a year ago | (#44641751)

Considering that the vastest majority of users have very basic needs--to quote someone I knew "I need to be able to use Facebook and the Internet"--modern Linux distributions and probably OSX are actually a better solution for them than Windows due to the simple fact that they are currently significantly less likely to get malware and thus break them.

Re:Windows is an option today - not an requirement (-1)

Anonymous Coward | about a year ago | (#44641891)

You can fuck that smelly SOB Stallman. The worst thing Linus ever did was put Linux under the GPL so that fucker could get his slimy hooks into it.

Re:Windows is an option today - not an requirement (3, Funny)

RotateLeftByte (797477) | about a year ago | (#44641971)

Balmer is that you?

Re:Windows is an option today - not an requirement (3, Interesting)

Pi1grim (1956208) | about a year ago | (#44642105)

Yeah, because BSD worked out so nicely for FreeBSD and others in the family. And BSD community is now thriving, thanks to all the commits and return of code from the most open OS - iOS and OS X. Oh, wait, they don't? Ah, who cares about facts, when I can throw dirt at GPL, because those dirty programmers won't let me take the source add some stuff for incompatibility and then sell it off as my own, without sharing source code with the users, they 're clearly infringing on my entitlement to their work.

Re:Windows is an option today - not an requirement (3, Interesting)

blackest_k (761565) | about a year ago | (#44641995)

I'm not so sure if running Linux would be any safer with a machine that has the trusted computer module built in. Does it even need to be a separate piece of silicon or could it be built into the cpu?

Maybe intel inside, might at some point change meaning and at what point does this occur ten years time, now or already?

Maybe Germany might create a demand for non trusted computers but would they keep them clean or just put in their own backdoors?

    Ok we know that the USA spies on everyone even their own, but lets not pretend it isn't happening all over the world. Name a trustworthy Government any where.
     

Re:Windows is an option today - not an requirement (0, Troll)

VortexCortex (1117377) | about a year ago | (#44642103)

I don't really care - for the wast majority of computing users around the world, Windows is an option, not an requirement.

I howehawtedwee agwee. Now, If onwy we couwld do something abouwt that wascally wabbit!

Not just Win8 (3, Interesting)

geek (5680) | about a year ago | (#44641429)

Everything Microsoft produces. I have the misfortune of working with the MS developers on a regular basis and if I had a nickle for every time they told me they didnt know how their own software works I'd be richer than Bill Gates.

Nevermind the inherent security flaws in their crap OS, my concern, and the concern from every foreign country should be MS's willingness to work with the NSA. If ever there was a time to ditch Microsoft and go Open Source it is now.

Re:Not just Win8 (0, Troll)

TemperedAlchemist (2045966) | about a year ago | (#44641529)

I have programming friends that applaud Visual Studio, so I'm not sure if other professionals share your hatred.

The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity. That's to say it's not safer because it intrinsically better programmed, but because it's not popular enough to warrant as many people trying to find exploits in it. The only OS I would give that award to is whatever Kaspersky is cooking up.

Re:Not just Win8 (5, Insightful)

h4rr4r (612664) | about a year ago | (#44641643)

Are you totally ignorant of the software world?

Linux is at this point more popular than windows, if we count embedded devices and servers. Windows has come a long way, but until very recently it had some serious problems. The issue stems from the design philosophy not any level of obscurity.

Re:Not just Win8 (0, Flamebait)

wmac1 (2478314) | about a year ago | (#44641781)

Are you ignorant yourself? We are talking about Windows 8 (a desktop and recently tablet OS). Linux desktop has less than %1 market share.

If it was a better product , users would prefer it with its free price. I have used Linux for 15 years (on servers) but I cannot bear it on desktop.

Re:Not just Win8 (1, Informative)

h4rr4r (612664) | about a year ago | (#44641847)

Windows 8 runs on other platforms too. Go look at the linux tablet market share and compare that to windows 8 tablet share.

I have used linux for that long on the desktop. Works fine.

Marketing matters far more than you think. Bud is a very popular beer, and no one really thinks it is a good beer.

Re:Budweiser (0)

Anonymous Coward | about a year ago | (#44642049)

Damn good beer. The recipe sucks ass, most Americans have no taste, but it is a hell of a good quality product.

Re:Windows (0)

Anonymous Coward | about a year ago | (#44642107)

Damn good OS. The security sucks ass, most Americans have no sense, but it is a hell of a good quality product.

Re:Not just Win8 (0, Troll)

TheSkepticalOptimist (898384) | about a year ago | (#44642077)

What Linux tablet market?

Suggesting that Android or iOS is a Linux tablet is stupid. Both those companies co-opted a *nix based OS and turned it into their own proprietary OS and have just as many security flaws as any other OS. Hell, Microsoft is a bigger contributor to Linux then Google is.

Re:Not just Win8 (2)

h4rr4r (612664) | about a year ago | (#44642129)

iOS is not linux. Android is. It uses the kernel and is not proprietary.

Re:Not just Win8 (0)

Anonymous Coward | about a year ago | (#44642149)

iOS is not Linux tablet, but Android is. It's not GNU/Linux tablet, so I'm not interested in it, but it's still Linux.

Re:Not just Win8 (1)

somersault (912633) | about a year ago | (#44641661)

He didn't say anything about Development Environments, he was talking about Operating Systems.

Re:Not just Win8 (5, Insightful)

Anonymous Coward | about a year ago | (#44641711)

> The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity.

No, obscurity doesn't offer much security at all.

Open Source stuff tends to be more secure because it has so many people looking at it, from many different perspectives, both professionals and amateurs, all working together to improve the code and make it more secure.

Microsoft, on the other hand, are the only people who can patch and improve their code. And they have demonstrated again and again that they can't be trusted to do this in a timely and useful manner.

Re:Not just Win8 (5, Insightful)

Skapare (16644) | about a year ago | (#44641739)

The advantage of Open Source is that you or anyone else can fix the software if/when security problems are found, whether in the OS, core libraries, network stack, or any Open Source applications. We are not dependent on the original developers to make any such fixes. I have done this a couple times in the past by fixing security issues in open source code before the developer fixes were available (I could have waited a day and got the developer fixes).

Disadvantage of "Open SORES" (-1)

Anonymous Coward | about a year ago | (#44642187)

Is crackers can step trace source to find holes = easier than disassembling with a kernel level debugger (or even binary app 'fuzzing').

Now, on the note of making fixes: I see your level of accuracy here (2 patches in 1 day on a kernel release) -> http://www.eweek.com/developer/linux-3.10-kernel-receives-two-updates-in-one-day [eweek.com] (MS makes a mistake now & then too admittedly & did this round of patches on this just passed "Patch Tuesday" regarding remote desktop validation & AD - however, unlike you, who won't admit the dichotomy present in your "argument", I do admit it).

On homegrown fixes:

Sure - You can "fix it" if you find a bug as you say ONLY IF you know how to code in the language the OS uses (C most likely) & IF you are intimately familiar with the subsystem(s) + its dependencies on other subsystems + libs in question...

That takes time (on both accounts, learning how to code and well, as well as learning the ins-N-outs of said subsystem & its dependencies).

That is, unless you work on said subsystem frequently & even then? It's a bitch.

QUESTION: How many of you "penguins" around here can claim that? Not many, & certainly NOT the majority.

APK

P.S.=> Bottom-line: What you say doesn't hold true for most users, period... and you KNOW it!

... apk

Re:Not just Win8 (1, Insightful)

Zero__Kelvin (151819) | about a year ago | (#44641997)

"I have programming friends that applaud Visual Studio, so I'm not sure if other professionals share your hatred."

Yes. True and competent professionals share the hatred. Even those who begrudgingly use Microsoft software share it. Show me a guy running around saying "I like Windows; it's great!" and I will show you someone who is by definition incompetent.

"The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity."

That is the best reason I have seen in quite some time to stop thinking about the issue with your current level of knowledge, which is exceedingly inadequate, and to start actually learning about what you are talking about.

"That's to say it's not safer because it intrinsically better programmed, but because it's not popular enough to warrant as many people trying to find exploits in it"

It is safer if not poorly administered for many, many reasons. An improperly configured system is unsafe, no matter what OS you use. That being said, a properly administered Linux system is more secure than a Windows system, and it has absolutely nothing to do with the number of people trying to find exploits. People focus on Windows because it is the low hanging fruit. The much more desirable target is Linux, which runs in all the major corporations including Google and Microsoft. The market share for the desktop is greater with Windows, but the important data is on Linux servers, meaning the real professionals would much rather find Linux exploits.

Furthermore, the homogeneous nature of Windows makes it less safe. Because Linux comes in many, many flavours and the kernel in use can and will be different even with the same version release (due to varying config options) it is literally impossible to create an attack that works on all, or even most, Linux systems. Any exploit you can come up with will only work on a very small subset of systems in the wild. Ergo, only targeted attacks make sense on Linux. Trying to come up with a virus that will affect all Linux systems the way one can come up with one that will affect all Windows 7 systems, for example, is a fools errand.

Re:Not just Win8 (0)

Anonymous Coward | about a year ago | (#44642207)

That being said, a properly administered Linux system is more secure than a Windows system, and it has absolutely nothing to do with the number of people trying to find exploits.

Why? Please be specific, enumerate, and do not blow off the question with a "Google it yourself"

Re:Not just Win8 (0)

Kielistic (1273232) | about a year ago | (#44642327)

Yes. True and competent professionals share the hatred. Even those who begrudgingly use Microsoft software share it. Show me a guy running around saying "I like Windows; it's great!" and I will show you someone who is by definition incompetent.

Textbook no true Scotsman fallacy. Beautifully executed.

Furthermore, the homogeneous nature of Windows makes it less safe. Because Linux comes in many, many flavours and the kernel in use can and will be different even with the same version release (due to varying config options) it is literally impossible to create an attack that works on all, or even most, Linux systems.

That's basically the security by obscurity claim. Because making an attack will only affect such a vanishingly small number of users most people just don't do it. But that does not mean a targeted attack is any less possible.

Anybody that runs around and says Linux should be used every where and every instance in place of Windows is just as incompetent as someone claims Windows should always be used over Linux. No platform is perfect.

Re:Not just Win8 (3, Insightful)

pr0fessor (1940368) | about a year ago | (#44642035)

I see it this way... people that write malware, trojans, or what ever do so to make money and they pick the largest easiest target doesn't matter the OS or the software that runs on it but one way or another they will make money. You cannot make an OS secure enough to persuade them to do something else when there are so many gullible user to take advantage of. This is why there is now boat loads of malware, adware, crapware for android.

Visual Studio could be better but it's more like a rapid development environment and shouldn't be compared to a regular IDE.

Re:Not just Win8 (0)

Anonymous Coward | about a year ago | (#44642167)

The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity.

The hell?

We know that Microsoft collects information about all Windows systems and sends to NSA. To everyone outside the US this is considered a security breach.
I can store all my important papers in an open box in the city square and still have them more secure than anything stored on a Windows system.

Any open source OS is more secure than Windows, not necessarily because of good design choices but because in the Windows case the software is designed to report data to a government agency that is known to take information from private companies in the EU and dump to their US competitors.

Re:Not just Win8 (2)

colinrichardday (768814) | about a year ago | (#44642229)

Yeah, too bad there isn't a German Linux distro

Oops

https://www.suse.com/ [suse.com]

Re:Not just Win8 (1)

cyber-vandal (148830) | about a year ago | (#44641575)

Which Microsoft software are you referring to? If you expect people that develop in ASP.NET to know how the Windows kernel works, do you also expect people who develop websites in OSS languages to know the intracacies of the Linux kernel?

Re:Not just Win8 (1)

somersault (912633) | about a year ago | (#44641757)

Windows. And he isn't talking about people who write software in ASP.NET, he's talking about the people who created and maintain ASP.NET.

Re:Not just Win8 (2)

Trimaxion (2933647) | about a year ago | (#44641849)

Indeed. On large software products like those Microsoft is famous for, is often necessary not to know how every component of product works at a detail level. There are abstractions in place to allow the work to be easily divided amongst a large number of developers, and you typically won't know the implementation details of modules that you didn't have a hand in creating. There's simply too much code for anyone to truly know how everything works. "I don't know" is often the right answer.

That is, unless you're actually responsible for the implementation detail in question. If you don't understand your own code then you are going to a special hell reserved for H1B sponsors and people who talk at the theater.

Re:Not just Win8 (1)

GrBear (63712) | about a year ago | (#44641695)

If ever there was a time to ditch Microsoft and go Open Source it is now.

Sure, soon as my PC games all work on an OSS alternative I'll switch without hesitation. Until then Windows will be the OS du jour.

Re:Not just Win8 (0)

Anonymous Coward | about a year ago | (#44642027)

Who (when concerned about security and the NSA/GCHQ/FIS snooping) give a rats ass about gaming?
If you care about your personal information, the message is clear, don't put it anywhere near windows.
By all means have a machine running windows JUST for games and ONLY games.
No Facebook/Twitter/Email/SN etc etc. and you will be fine.

/. fud for years: "Linux = Secure" (-1)

Anonymous Coward | about a year ago | (#44641797)

Android changed ALL of that & yes, it IS a Linux since it certainly doesn't utilize a MacOS X or Windows core'kernel!

Initially, I was laughed at initially for stating that obvious truth that's come to pass as the truth/reality... However, as anyone can see? Yes - I get that "last laugh" because of it!

"1st they ignore you. Then they laugh @ you. Then they fight you, & then you win"

Additionally: I wonder what KIND of 'programmers' you spoke to for your 'sample set': WebChumps is my guess - they don't UNDERSTAND things very well beneath the browser they work in many times (that's what I've seen since 1994 as a pro)!

(That is, IF you're even telling the truth, since the subject-line WAS "your kind's" brand of "truth" (pravda truth 'fud', lol) for a decade++ here on /. & it was TOTAL bullshit.

History bears me out on that much. I doubt YOU yourself have much of a "history" in computing that's worth your rants now!

(Also doubtless no real accomplishments on your part of any kind that anyone in the field of computing ever recognized as good publicly in publications, trade shows, commercially sold softwares etc.)

Especially since YOU still embrace your mantra of purest fud.

Clue: ANY OS will have exploits. They get patched. This is history (I have seen it in computing since 1982, & since 1994 as a pro developer and network admin). Any OS can be "security-hardened" as well. Get that through your skull.

* You "Pro-*NIX" dorks - you spread ALL KINDS of "FUD" & yet your OS @ the server + end user desktop level (both @ home & on the job) combined cannot surpass levels of usage found on Windows stuff... funniest part is that even when it's given away FREE!

(That tell anyone anything? It does me!)

APK

P.S.=> Lastly - SeLinux = NSA created, so let's not talk about "MS's willingness to work with the NSA", ok?... apk

Re:/. fud for years: "Linux = Secure" (-1)

Anonymous Coward | about a year ago | (#44641989)

Downmods for facts + no valid rebuttal to you telling it how it is = slashdot. The hive mind/tribal zealots penguins can't handle facts and they show it.

Re:Not just Win8 (5, Funny)

LQ (188043) | about a year ago | (#44641819)

I had a nickle for every time they told me they didnt know how their own software works I'd be richer than Bill Gates

If it takes them 10 secs to say that, and Bill Gates has 50 billion dollars, it would take you 16000 years to get that rich.

How is TPM a security risk? (3, Informative)

afidel (530433) | about a year ago | (#44641431)

TPM is nothing more than a hardware keystore, I'm not sure how they'd see it as a security risk unless they're worried that the NSA has the MS signing key's private key (probable) but even then it doesn't exactly give you worse security than other OS's without access to a hardware keystore.

Re:How is TPM a security risk? (0)

Anonymous Coward | about a year ago | (#44641487)

I wondered the same thing. This strikes me as someone with an agenda trying to get German Gov off MS products completely.

Maybe they'll argue that the google cloud will be more secure.

Re:How is TPM a security risk? (0, Informative)

Anonymous Coward | about a year ago | (#44641501)

TPM is nothing more than a hardware keystore, I'm not sure how they'd see it as a security risk unless they're worried that the NSA has the MS signing key's private key (probable) but even then it doesn't exactly give you worse security than other OS's without access to a hardware keystore.

I don't think the author of this article have any clue about what TPM is or how it works.

Re:How is TPM a security risk? (5, Insightful)

cbope (130292) | about a year ago | (#44641955)

This. This is overblown BS written by someone who doesn't understand TPM and what it can and can't do.

The story also fails to mention that the TPM module is usually an option and typically only available on corporate PC's. Not to mention the fact that it can be disabled in BIOS/EFI if you are admin over that system.

TPM is not even required by Windows 8. RT... well that's another issue but this article is mainly about PC's, not RT tablets.

Re:How is TPM a security risk? (5, Interesting)

Sique (173459) | about a year ago | (#44641509)

Just read TFA, it does a good job at explaining the security risks and concers. One important concern is that while the BSI (the german Federal Office for Information Security) was involved in the TPM 2.0 specification, all their proposals were denied, while the proposals the NSA had were accepted. And the final acceptance was announced with "The NSA agrees".

Re:How is TPM a security risk? (5, Interesting)

IamTheRealMike (537420) | about a year ago | (#44641697)

So we have a case of sour grapes, then? Unless one of the NSA requests was "we want a backdoor" then this by itself doesn't mean much because the NSA is a weird creation that not only spies on everyone, but has an "information assurance" department that tries to design secure systems for US usage. They're behind the creation of SELinux which is both highly sophisticated and well reviewed by independent third parties. It does not have back doors. Also, many important constructions in cryptography were designed by the NSA. For example SHA2 was designed by the NSA and it is extensively studied. It has never been found to contain even a hint of a back door.

This crap about how the TPM allows Microsoft to remotely control computers for DRM purposes came up over a decade ago when trusted computing extensions were first designed. It was FUD back then with no connection to reality, and it's certainly FUD today too. If you want to learn about the actual next-gen TC technologies, go and read up on Intel SGX. Then go and read this post on bcflick [bitcointalk.org] , a use of the TPM and trusted computing designed to make Bitcoin wallets more secure. That's the kind of thing the tech is designed for. The TPM isn't even electrically capable of controlling the CPU.

Re:How is TPM a security risk? (2)

drinkypoo (153816) | about a year ago | (#44641723)

I am a bit unclear as to how you go from "everything the Germans wanted was ignored" to "sour grapes". Could you please explain your thought process there?

Re:How is TPM a security risk? (0)

Anonymous Coward | about a year ago | (#44641949)

Your right, he shouldn't have said "sour grapes". What he should have said is "condemning something out of spite for not getting one's own way". You know, taking one's ball and going home. Or, just being crybabies.
 
Judging FTFA

Microsoft could thus theoretically determine that no word processing program other than Microsoft Word works on Windows 8th The competition may be legally problematic. But it also has security implications, precisely because the user has no influence on what Microsoft is allowed and what is not.

Germany's beef isn't with what is being done, but with what they think might be done because something is possible. In other words, they are using a stealthy form of slippery slope argument.

Re:How is TPM a security risk? (5, Interesting)

gstoddart (321705) | about a year ago | (#44641813)

Unless one of the NSA requests was "we want a backdoor" then this by itself doesn't mean much because the NSA is a weird creation that not only spies on everyone, but has an "information assurance" department that tries to design secure systems for US usage.

But since nobody actually knows, and because if the NSA informed Microsoft to hand over the keys they'd be legally required to, and because while they help design 'secure systems for US usage' nobody trust them for anything that isn't the US.

So, it's OK if you want to trust TPM, Microsoft, and the NSA. But that doesn't mean that the rest of the world has any reason to do so.

I think you are increasingly going to see governments around the world look at Microsoft and say "do we want to put all of our infrastructure in the hands of someone who has to take orders from a US spy agency?" And I think the only logical conclusion is going to increasingly be "no, not really".

Re:How is TPM a security risk? (4, Insightful)

VortexCortex (1117377) | about a year ago | (#44642245)

I think you are increasingly going to see governments around the world look at Microsoft and say "do we want to put all of our infrastructure in the hands of someone who has to take orders from a US spy agency?" And I think the only logical conclusion is going to increasingly be "no, not really".

Oh hey, look, a Windows Update -- A remote root level patch to my operating system, one that in the past has had glaring issues with certificate signing, and now we suspect could be gag ordered and required to hand over the keys to install anything the NSA wants into any Windows system on the planet.

I think the question will be, "Do we want to use software with a HUGE BACKDOOR in it for anything at all ever?" And I believe the conclusion is going to be far worse than, "no, not really".

Meanwhile the "conspiracy nuts" who've seen the writing on the wall for decades (Omnivore, Carnivore, ECHELON, PRISM, etc) can smugly declare either, "Finally" or "I told you so." then go right back to being ignored by fools at large.

Re:How is TPM a security risk? (5, Insightful)

thegarbz (1787294) | about a year ago | (#44641873)

I was also a nice trustworthy person which caught people by surprise when I stole money from their wallets.

Ok no I wasn't but just because the NSA has at times released software without backdoors should in no way influence your opinion of their future performance, especially given future performance is malware that provides a back door, not to mention back doors to every ISP in the country, spying on international conferences etc. Honestly it would be outright foolish to assume that anything they had a major hand in is safe.

That said TPM serves one purpose, secure the system from the prying hands of the user. The only thing holding back DRM being the primary beneficiary of TPM is the lack of adoption and the fact that TPM is entirely voluntary. If every computer had a TPM module regardless of the users preference you could be damn certain that many DRM schemes would be using this. A trusted key store safe from the user is exactly the kind of security system a DRM scheme needs to operate well.

Just because something hasn't (yet) come true does not make it FUD.

Re:How is TPM a security risk? (0)

Anonymous Coward | about a year ago | (#44642219)

If it's only FUD, then explain why TPM 2.0 can't be disabled. Because it's better for Average Joe? No, because Average Joe couldn't access the BIOS anyways, so there's no reason not to leave the option to disable it.

Secondly, why should any person with an average IQ trust something that was designed also with NSA's suggestions?

I'm afraid that the american IT industry is now facing the consequences of the recent spying revelations, nobody trusts it anymore.

Re:How is TPM a security risk? (0)

Anonymous Coward | about a year ago | (#44641767)

Judging by this, I'd bet all the TPM hardware is backdoored to the point of letting NSA free access to any system that has it. No wonder Germany is worried. I'd rather trust huawei at this point than anything that comes from US.

Re:How is TPM a security risk? (0)

Anonymous Coward | about a year ago | (#44641515)

If only there was somewhere that could explain what the article means without RTFA.

Re:How is TPM a security risk? (3, Funny)

Megane (129182) | about a year ago | (#44641641)

I think rectal divination is the preferred means on Slashdot.

Re:How is TPM a security risk? (4, Informative)

Anonymous Coward | about a year ago | (#44641525)

A hardware keystore you don't have the keys to.

Re:How is TPM a security risk? (5, Informative)

Anonymous Coward | about a year ago | (#44641539)

http://en.wikipedia.org/wiki/Trusted_Platform_Module [Wiki]
See "Criticism" section:

"... The concerns include the abuse of remote validation of software (where the manufacturer — and not the user who owns the computer system — decides what software is allowed to run) and possible ways to follow actions taken by the user being recorded in a database, in a manner that is completely undetectable to the user.
In simple words, it removes user's ability to control the hardware he owns, reducing the device to hardware maker's stealthy agent.
It is "Trusted" to hardware manufacturer, but, the same makes it "uncontrollable" for the user - making the user dependent on trust to the manufacturer, or whatever government or authority there is at particular location."

Re:How is TPM a security risk? (0)

Anonymous Coward | about a year ago | (#44641639)

The criticism section of the trusted computing wikipedia page isn't a bad place to start.

Re:How is TPM a security risk? (0)

afidel (530433) | about a year ago | (#44641667)

Except it's horrible, there's nothing remote about TPM, it does absolutely nothing to communicate with the outside world.

Re:How is TPM a security risk? (5, Informative)

Jesus_666 (702802) | about a year ago | (#44641653)

The concern is mainly that the system hinges on the TPM, which in version 2.0 of the standard is controlled by the OS and can't be deactivated. Either you unconditionally trust the operating system (and its vendor) or you can't trust the entire system. Plus, the NSA got to mess with the standard while at least the German BSI (who issued this warning) tried but didn't get anywhere (e.g. they failed to get an opt-out function added to the standard). Plus, all TCG members are American companies and several of them are known to have made deals with the NSA before (such as giving information about security flaws to them first).

In short: The BSI doesn't unconditionally trust Microsoft around sensitive documents and recommends that no TPM 2.0 compatible OS from Microsoft is used where those might show up because TPM 2.0 makes trust in the OS vendor mandatory. Win8/TPM2 is okay for home users who don't want to think about computer security but it has no business being around stuff that might cause harm if leaked to foreign intelligence agencies.

Re:How is TPM a security risk? (0)

Anonymous Coward | about a year ago | (#44642053)

Wait...It can't be deactivated only in windows 8, or it can't be deactivated AT ALL? In the second case, if one doesn't trust the TPM, then it doesn't matter whether it's Windows 8 or any other OS.

Re:How is TPM a security risk? (1)

Skapare (16644) | about a year ago | (#44641765)

So I can write and erase anything I want to in the TPM?

Re:How is TPM a security risk? (4, Insightful)

cardpuncher (713057) | about a year ago | (#44641843)

Some issues:

It's a hardware keystore under the control of the vendor: they have access to your keys, you don't have access to their keys.

If you've bought only-certified-for-use-outside-the-US hardware you may find yourself only able to run the OS-with-NSA-backdoor "export" version of your chosen operating system.

If your software vendor decides (or has decided for them) that your web browser (for example) should not permit you to access certain websites, it can be enforced in hardware outside of your control.

The remote "attestation" feature as originally designed could effectively identify individuals (or at least individual pieces of hardware) on the Internet, effectively abolishing any vestige of privacy. It is siad that Direct Anonymous Attestation introduced in the latest round of TPM specs permits the integrity of the TPM (for Digital Rights Management) to be tested without revealing the identity of the device.

In other words, if you have control of the TPM, it's exactly "just" a hardware keystore. However, if you don't have control, or if control must be ceded to another party in order to run some particular piece of software, you are entirely under the control of that party - and whoever controls them. And if you suspect your security is being compromised, you can't necessarily fire up a debugger or trace system calls, because unless that debugger has been signed by the OS vendor it's not going to run and you have no means of knowing whether it behaves as documented. It's a potential rootkit mechanism: you have to trust the OS vendor implicitly. And that's the point - it's not about allowing you to "trust" the vendor, it's about the vendor's "trust" in their control of you.

What? (2)

DogDude (805747) | about a year ago | (#44641433)

This doesn't make any sense. It's insecure because you can't NOT use TPM?

Re:What? (5, Informative)

Anonymous Coward | about a year ago | (#44641463)

It is insecure because you CAN'T use it for your purposes.

It is only there for MS and, by extension, the NSA.

You didn't think that secure boot crap was for YOUR benefit, did you?

Re:What? (0)

Anonymous Coward | about a year ago | (#44641473)

yes.

Re:What? (1, Insightful)

Anonymous Coward | about a year ago | (#44641489)

It makes complete sense, a government wants to ensure they have complete control over the hardware being used for sensitive data. If they are unable to opt out of using TPM that means the keys to that hardware would be under someone elses control.

Not exactly strategically sound to have key hardware at the mercy of foreign providers, or even domestic corporations in some cases.

I was under the impression that TPM2.0 was still opt-outable though

Re:What? (4, Interesting)

Sique (173459) | about a year ago | (#44641517)

It is insecure because you have to use TPM and can't opt out. So it's not you defininig the security parameters, it's Microsoft. And the agencies sitting in Microsoft's back and dictating the rules.

Re:What? (1)

Anonymous Coward | about a year ago | (#44641635)

It is insecure because you have to use TPM and can't opt out. So it's not you defininig the security parameters, it's Microsoft. And the agencies sitting in Microsoft's back and dictating the rules.

But this is patently untrue (if we care about facts), you can opt out.

Re:What? (1, Troll)

drinkypoo (153816) | about a year ago | (#44641755)

It is insecure because you have to use TPM and can't opt out. So it's not you defininig the security parameters, it's Microsoft. And the agencies sitting in Microsoft's back and dictating the rules.

But this is patently untrue (if we care about facts), you can opt out.

The TPM is going into the CPU. You will not be able to opt out. It's a fact. It will still be in there. Do you really believe there won't be a way to turn it on and use it against you? And if so, on what basis? By the very specification, you are not permitted to be in charge of your own hardware. That is unacceptable to say the least.

Re:What? (4, Informative)

gstoddart (321705) | about a year ago | (#44641719)

This doesn't make any sense. It's insecure because you can't NOT use TPM?

If you don't trust the security of TPM, or that it doesn't have in-built stuff the NSA can use to spy on you ... then, yes, you have to consider it insecure.

It's a 'secure' system you don't control, which means if you need a secure environment, you need to trust a 3rd party.

If that 3rd party is Microsoft, who we know is beholden to the NSA -- then you betcherass it's considered insecure. Essentially, the German security people are saying "we don't trust Microsoft or the NSA/US government" -- therefore the entire platform is considered not secure.

One of the biggest complaints about TPM is that you have to explicitly trust whoever controls the keys and the like. And if you don't control it, and don't trust the 3rd party, the whole thing is garbage.

So, it makes perfect sense -- because TPM has never been about the users ability to define their own trust, it's about the manufacturer saying "you're going to have to trust us or not use our stuff". So, not using their stuff is the logical conclusion.

Re:What? (0)

Anonymous Coward | about a year ago | (#44641935)

So, it makes perfect sense -- because TPM has never been about the users ability to define their own trust, it's about the manufacturer saying "you're going to have to trust us or not use our stuff". So, not using their stuff is the logical conclusion.

I'd go a step further. It's about the manufacturer saying "you're stuck with our stuff because we're more concerned about our copyright enforcement and anything else that companies and governments pay us for than we are about your pithy user trust issues."

Re:What? (0)

DogDude (805747) | about a year ago | (#44641937)

because TPM has never been about the users ability to define their own trust

When it comes to hardware, the only way to completely trust it is to go to where the chips are being manufactured, and study the entire design of each chip being used in whatever device you're worried about. As an individual that doesn't have the ability to examine the details of every chip and board in my gadgets, I'd much rather trust Microsoft than some generic Chinese chip maker.

Re:What? (4, Insightful)

gstoddart (321705) | about a year ago | (#44642101)

When it comes to hardware, the only way to completely trust it is to go to where the chips are being manufactured, and study the entire design of each chip being used in whatever device you're worried about.

True as that may be, there are encryption keys stored in there that the owner of the device doesn't control.

So, if I'm building a secure environment, and I know there is a component I do not control or can't isolate (you can't disable this, remember) -- then I have to try to remove that component. That component is TPM, which is more about DRM than securing the computer for the owner.

I'd much rather trust Microsoft than some generic Chinese chip maker.

Well, have fun with that.

Due to the Patriot Act, Microsoft is no longer a trustworthy entity. In fact, no US company is anymore. Not for their cloud services, and not for any installation which needs to be secure.

If the US government wants to make US corporations an arm of their spy agencies, don't bitch and moan when other governments decide there are risks they can do without in using those products -- because unless they're willing to take MS or the NSA at their word (and, really, why would they?), they have to assume these systems are compromised.

A year or two ago when some of us were saying these cloud services were something you couldn't trust due to the Patriot Act, people were saying "oh, don't panic, it's no big deal". But since it's now patently obvious that the NSA can and does tap Microsoft to provide them some data -- I would have to say it's pretty much objective fact that, no, you really can't put trust in them beyond what you can 100% control.

You feel free to trust who you like. And the rest of the world will do the same. I'm sorry, but the US government and Microsoft have pretty much demonstrated that they're not something you can trust.

Re:What? (1)

DogDude (805747) | about a year ago | (#44642159)

I'm sorry, but the US government and Microsoft have pretty much demonstrated that they're not something you can trust.

And the Chinese are? Unless you can design and fabricate your own chips, you have to trust somebody. I'll take Microsoft over the Chinese any day. But, to each their own.

Very confused article (0)

Anonymous Coward | about a year ago | (#44641435)

This is a very confused article that seems to lack even the most basic understanding of the subject.

Can anyone who reads German confirm if it is just the auto-translation that fails, or if this article is just plain out nonsense?

Re:Very confused article (0)

Anonymous Coward | about a year ago | (#44641725)

The article isn't much less confusing in German. They got that TPM might give Microsoft too much control over users computers (which software it can be run) and seem to interpret this as if Microsoft gains direct control over users computers. They don't seem to realize that any potential MS/CIA backdoor would work independent of the presence of TPM.

There is also an Update from the BSI in which they refuse this interpretation.

And the follow-up article (4, Informative)

DingerX (847589) | about a year ago | (#44641469)

Where the BSI takes issue [www.zeit.de] with their reporting.

Of course, with the extent now clear of the US government's use of US IT companies to maintain American political and economic advantages, if you were running a non-US-based company or a non-US-governmental organization, you'd want to do as much critical business with non-American hardware, software and services as possible.

Re:And the follow-up article (1, Flamebait)

bfandreas (603438) | about a year ago | (#44641535)

Where the BSI takes issue [www.zeit.de] with their reporting. Of course, with the extent now clear of the US government's use of US IT companies to maintain American political and economic advantages, if you were running a non-US-based company or a non-US-governmental organization, you'd want to do as much critical business with non-American hardware, software and services as possible.

I wouldn't take technological advice from Die Zeit. They still think steam engines will never replace the Spinning Jenny.
Also ... the BSI ... bruahahaha.

*snort*

Whatever backdoor MS has planted for whoever asked them will propably have made its way into any older Windows version via their automatic update.

Re:And the follow-up article (0)

Anonymous Coward | about a year ago | (#44641953)

I wouldn't take technological advice from Die Zeit.

It seems like Slashdot do.

Even their original source for the story has distanced themselves strongly from this nonsense article.

NSA VPN searches on XKeyScore (4, Interesting)

Anonymous Coward | about a year ago | (#44641507)

One of the example searches about XKeyscore, (the NSA software that lets them do ad-hoc searches on everyone's private comms) was

"show me all new VPN connections in country X"

How does it get the VPN connection data? When I investigated Windows *7*, I notice that when a VPN connection is made by the OS, the software makes two connections, one directly to a Microsoft server bypassing the VPN and one through the VPN. Both share session ids. It seems to flag to Microsoft (and NSA) the two IP addresses (via the VPN / original un-routed VPN address).

So they're focussing on Windows 8, but Windows 7 has its share of nightmares.

Then has anyone looked at Symantec / Norton 360 etc.? With all it's "password vault" features and online URL checks. It could be the NSA has served these companies with secret warrants. So we may not be able to trust that it will flag NSA spyware, or that passwords are not making their way into the Utah Stasibase.

Re:NSA VPN searches on XKeyScore (2, Insightful)

Anonymous Coward | about a year ago | (#44641649)

Do you have a link to some sort of evidence? I'm sure lots of people would love to see that.

Re:NSA VPN searches on XKeyScore (1)

Anonymous Coward | about a year ago | (#44641923)

Just watch the network connections a Windows 7 pc makes when connecting the VPN, its not hidden.
For the XKeyscore's 'vpn' search example, see the XKeyscore leak documents.
As to whether this network connect is the source of that XKeyscore's VPN search data, that's unprovable. We know NSA get that information because it was in the leak, we know this feature provides that information you can see it in the network connects. But proving that the latter provides the former is impossible without further leaks.

I think its better to be safe than sorry, connect to VPN's only via a trusted router rather than on a Windows PC VPN service, and avoid VPN services from US based companies as that is another possible source for that data.

Re:NSA VPN searches on XKeyScore (1)

radish (98371) | about a year ago | (#44642051)

I think it's much more likely the NSA figure out the VPN stuff by simple traffic analysis - they don't need Microsoft to tell them anything (particularly as I'm sure they're well aware that a large percentage of VPN connections don't involve Microsoft platforms). Doesn't mean I'm not interested in the phone home connection though...

Re:NSA VPN searches on XKeyScore (2, Interesting)

Anonymous Coward | about a year ago | (#44642145)

Bullshit and FUD. If this were the case the web would be lit with packet dumps from people demanding an explanation. Pics or it didn't happen.

Have you looked closely at ANY "cloud based" AV lately? They all communicate with the mothership if you don't wrap the ethernet in tinfoil! *snort* Surely we need to move to Russian or Chinese sourced AV for complete security right?

Re:NSA VPN searches on XKeyScore (1)

pfigura (1308835) | about a year ago | (#44642191)

Do you think the Kaspersky password vault would be more meaningfully protected against US authorities? That being said, it's probably thoroughly infiltrated by Russian Intelligence.

BSI published a clarification (5, Interesting)

Golden_Rider (137548) | about a year ago | (#44641581)

The BSI (Bundesamt für Sicherheit in der Informationstechnik) published a clarification after websites reported about that Windows 8 warning: https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2013/Windows_TPM_Pl_21082013.html [bsi.bund.de]

Basically, they pedalled back a bit. They now claim they never warned about Windows 8 itself, but about possible risks when combining Windows 8 with TPM 2.0, because the user no longer has complete control over his system and that because of that, the user could end up in a situation where the system is permanently unusable. They no longer mention the US / the NSA and the possibility for backdoors, instead they now just mention the possibility of "sabotage", and the need for an opt-in AND opt-out for things like TPM 2.0.

Re:BSI published a clarification (1)

Anonymous Coward | about a year ago | (#44641975)

Sorry, but they didn't "pedalled back". The just released a broader, more general second statement, which doesn't contradict the first. They haven't denied anything of what they said before.

Most importantly, nobody trusts american hardware anymore after the revelations about the NSA. I live in Austria and my company is trying to get rid of any american and chinese hardware, excluding the CPUs (no alternatives to Intel and AMD for those).

Zeitgeist (0)

Anonymous Coward | about a year ago | (#44641613)

I wonder when they'll notice Ubuntu?

How can something... (1)

Skiron (735617) | about a year ago | (#44641631)

...not used by anybody be a 'security risk'?

How prophetic was this: (2)

redmid17 (1217076) | about a year ago | (#44641833)

From Wikipedia's TPM talk page in 2007:

As much as I love the NSA looking through email and phone records, I would prefer that the had to *at least* work for it. Trusted Computing (What a crock BTW) says it can be turned off, but does anyone know how? Fosnez 07:52, 13 February 2007 (UTC)

This is absolute nonsense (0)

WD (96061) | about a year ago | (#44641863)

Has there been the same sort of outcry for iPhones being unacceptable security risks? I mean, Apple controls what software you can put on the device. And they can pretty much do anything to the device that they want without asking you. For any software that you use, you are trusting the vendor. You trust Microsoft to not push out a backdoor on patch Tuesday. You trust Google to not intercept your banking credentials with an automatic/silent Chrome update. etc. etc... There's no justification to say OMG Windows 8 now suddenly gives the ability for someone else to do something I might not want.

On a technical level (e.g. included exploit mitigations), Windows 8 is safer than any other Windows operating system. Even if Windows does go down the iOS route of only running approved software, does that really make it less safe? Maybe vendors are starting to realize that it's OK if Joe Home User can't run CuteKittens.exe that was just emailed to him.

Don't trust software vendors or other people? Good. Write your own OS and don't plug it into the internet. If you get that far.

more government FUD (1)

TheSkepticalOptimist (898384) | about a year ago | (#44642135)

I mean, the moment that "government" is included in a statement about technology policies, you should just look away. There is no reason why TPM makes Windows 8 less secure, and as a platform, Windows 8 is one of the most secure versions of Windows created. While I would argue greatly that Windows 8 is about as secure as any other OS (I mean hell, Linux is full of security patches just as much as any other mutha fucking OS), this screams of stupid anti-Microsoft lobbying using FUD as their "factual" grounds.

The point is moot because people are arguing about who is dominant on a dying platform. In 5 years nobody will use PC's/Macs/Linboxes except the people creating the content on the "other" 99.99% of the devices used by governments and the general population, and those other devices have way more security issues then a PC ever has had, regardless of what OS they are running.

Whats old is New Again (0)

Anonymous Coward | about a year ago | (#44642139)

Get your soldering guns and wire wrap tools out again boys.

We'll soon be pasting discrete components together again to build our own ALUs.

National Semicoductor 1000.. I called it!

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>