Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

163 comments

THINK! (3)

nano-second (54714) | more than 14 years ago | (#1692726)

yes, it seems that the NAME of a key is a bit weak evidence to use.

However, I think people began to have more fun with the "government has evil plans" conspiracy theories and they lost track of the real topic. So far, there seems to be no *real* evidence of anything, either way, at all.

the real lesson should _not_ be "be afraid of MS and the NSA", it should be "THINK about what you are reading and get more information".
If you don't, you will be one of the unsuspecting masses who will get blinded by propaganda.
---

Not MS's idea, it was the NSA's idea (0)

Anonymous Coward | more than 14 years ago | (#1692727)

Microsoft put in one key, then when the NSA reviewed the code they said MS should have two keys. Why? dunno, but I think the NSA knows more about information security than you, I, or Microsoft.

Re:Most likely explanation is... (1)

William Tanksley (1752) | more than 14 years ago | (#1692728)

I'm sure you're right that the NSA wants that. However, the way they would _GET_ that is either asking Microsoft to give them MS' secret key so they can write their own codes, OR secretly replacing Microsoft's public key with their own on the computers they're using (after all, there is no reason to continue using MS' key).

So this isn't a good explanation for the existance of the second key.

I think the true explanation is even simpler: someone who didn't know crypto added it and specified its features, and either nobody who knew crypto paid attention, or their warnings simply weren't heeded until too late.

I've seen this happen MANY times, and it's astounding how smart, well-worded, and properly delivered arguments can be completely ignored until it's too late.

I'm sure the third key got in W2K in a very similar way.

-Billy

not a coward, just forgot password (0)

Anonymous Coward | more than 14 years ago | (#1692739)

Huh? I can't figure out the point you have. Basically, M$ is simply trying, despite US gov't stupidity, to sell what willing buyers want. If putting in a private authentifier for the spooks lets M$ sell, then they will follow the path of least resistance. not a moral stance, but a responsible one for their stockholders. As far as the gov't export laws go, they can't work, don't work and are a PHB solution - all sound, no substance. So weaseling around them, as you seem to accuse M$ of doing, is no big deal. No worse than setting up Apache on linux and not informing the upper management details on how the website was done (ie, not getting into pointless discussions on the use of "freeware"). You did what was explicitly asked, and kept the details from the ignorant. I find having to trust M$/US gov't for signed modules much MORE offensive than having a signing module that can be easily removed. Easy removability, IMHO is a feature, not a bug, as you seem to imply. If Bruce is correct, and he is an acknowledged expert on the topic, this was a no big deal. Deleting NSA key would simply mean that the NSA couldn't use your machine to run their private wordprocessing software the next time the black helicopters drop agents into your livingroom. SO the only issue left is this: how do you remove NSA key? It may be harmless, but I don't want it. and what other modules are available? (second question is out of curiousity) Best wishes

Re:Speculation. Astute speculation but still... (0)

Anonymous Coward | more than 14 years ago | (#1692740)

Uhhh, the Lotus Notes Internation version is as secure as other software approved for export as far as the NSA is concerned, it's more secure for everyone else to try to mess with.

You made the laws, now enforce them! (4)

Greyfox (87712) | more than 14 years ago | (#1692741)

Microsoft or the MUTT team or Phil Zimmerman, exporting a crypto API is exporting a crypto API and illegal under the current US Crypto laws. Since Microsoft is breaking those very clear laws by shipping NT with a replacable key, every single one of us should demand that the US Commerce department pursue this case with exactly the same level of zeal with which they pursued Phil Zimmerman. Why haven't they already stopped all shipments of NT out of the country? Certainly if Phil was shipping PGP out of Redmond, the men in black would have already stormed his office and confiscated all his computer equipment.

Or are we proving once more that if you have enough money, you're above the law?

just a thought... (1)

Anonymous Coward | more than 14 years ago | (#1692742)

From the original article..

"Normally, Windows components are stripped of identifying information. If the computer is calculating "number_of_hours = 24 * number_of_days", the only thing a human can understand is that the computer is multiplying "a = 24 * b". Without the symbols "number_of_hours" and "number_of_days", we may have no idea what 'a' and 'b' stand for, or even that they calculate units of time."

...

"Then came WindowsNT4's Service Pack 5. In this service release of software from Microsoft, the company crucially forgot to remove the symbolic
information identifying the security components."

this doesn't mean that i acutally believe something like this could simply just "slip through to the public", but don't be so naive people. this is the government of the most powerful nation in the world. to think they don't have some form of control over a product which is a) originated in this country b)used in almost every country in the world and c) has the capability to "interfere with national security" is ludicrous. also, it appears to me that in most of the responses to the article people didn't really read the part i quoted above. if the allegations of microsoft "forgetting" to change their variable identifiers to ambiguous ones is actually true, then i believe this finding deserves some credit. however, i don't want to be naive as well and believe everything that i hear. examine all the facts, and think before you speak.

Re:The following 4 questions are still not answere (2)

Anonymous Coward | more than 14 years ago | (#1692743)

To answer question 1: Just about anyone has access to ALL of the NT Source. You should have seen the server(s) get slammed when this came out: everyone looked for it themselves.

Then why do you care at all? (0)

Anonymous Coward | more than 14 years ago | (#1692744)

If you don't trust Microsoft, you probably arn't using their software anyway. In any case, MS has lobbied extencivly against crypto controls. MS programmers are still programmers, not demons contemplating the destruction of all life, as some would have you believe. MS is made up of People.

Re:The following 4 questions are still not answere (2)

William Tanksley (1752) | more than 14 years ago | (#1692745)

#1 is correct, and I'm sure it's the main reason.

#2 is incorrect -- all symbols were stripped, both _KEY and _NSAKEY. Symbol stripping is standard on executable releases; it reduces bulk and helps keep dirty names out of releases.

#3 is amusing -- you use the phrase "so many smarter things to do" and "Microsoft" in the same sentence. Face it, Microsoft has always been stupid. And getting bigger doesn't help -- the IQ of a group is equal to the minimum of the IQs of its members, divided by the size of the group (as a Debian user, I'm unhappy about that rule :).

#4 is just SO wrong it's not funny. Most every OS vendor, and many other software and hardware vendors, have deals to ship this stuff.

-Billy

Re:It's (not) the NSA, stupid (1)

blazer1024 (72405) | more than 14 years ago | (#1692746)

I agree, the NSA isn't stupid. They know what they're doing. It just goes to show you what the media can do to the general public. They can suddenly publish a story about M$ being allied with the NSA and too many people believe it. I mean, I would never trust Microsoft, but I doubt they would ever do something like that. More likely, it's their *lack* of security that is linked to the NSA. Think about it, if nobody has any security, then the NSA can easily poke around wherever they please. They want to read someone's e-mail? Think Hotmail. Who knows. All I know, you can't fight them directly, so you gotta make yourself some unbreakable code.

Enough with the fuss (1)

Calloway (8670) | more than 14 years ago | (#1692747)

Honestly, a majority of users seem to be getting worked up because of all the hype. It doesn't help that Linux users (me included) have the ingrained belief that Microsoft sucks, and derive much glee from this NSA business and the Hotmail crack. I'm glad to see that people are calming down from the screams of conspiracy; sometimes a cigar is just a cigar (or perhaps I should appeal to Occam's razor)

Personally, I'm quite the fan of the programmer's-joke theory: I've got one thing named KEY, I'm bored, I don't want to name it KEY2 or something equally boring, so why not slap "NSA" in front? Hmm, maybe I should slip "NSA" into the code I'm (supposed to be) working on right now...

Re:It's (not) the NSA, stupid (1)

Just Some Guy (3352) | more than 14 years ago | (#1692748)

I have two conflicting views:
  1. Yes, I have more faith in the NSA's ability to be sneaky - even though I personally know at least one twit they hired fresh out of college, and have less admiration for their HR staff.
  2. I can't bring myself to completely disbelieve the conspiracy based simply on the fact that it would require a colossol screw-up by Microsoft. I mean, gee, they'd never mess something up that badly, would they?

One way or another, I'd like to see who all's changed status on their payroll over the last week or so...

It's (not) the NSA, stupid (3)

el bastardo (12041) | more than 14 years ago | (#1692751)

I have to agree with Bruce's (and quite a few /. readers') take on this. If the NSA really did put a back door into Windows, they'd make damn sure no one could find it. Ever. That's why they're called "spooks".

Besides, with Echelon, they don't even need the back door......

hmmmm (0)

markjrubin (88076) | more than 14 years ago | (#1692753)

That sure is a big retraction from what he said earlier. I guess in the first article he implied what he is now denying he said. Think he got a call from a lawyer? I do. Mark

Bruce is da man! (3)

Icepick_ (25751) | more than 14 years ago | (#1692755)

Intresting comments from an even more intresting guy.

I got to meet him a the Neal Steaphenson Cryptonomicon book signing here in Minneapolis a couple of months ago.

I got him to sign my copy of Applied Cryptography. The signature was

OJNE
EHTY
KOOB



Now, how cool is that? Definately seems like the kinda guy I'd like to take out for some beers some time.

Hell, I started spouting off about my plans to wire my vintage telegraph key into my COM port so I could have a 'backup' for my e-mail program. He liked my idea and said to shoot him an e-mail when I get it working, he'd pay me to work up one for him too.

Just some after lunch ramblings.

Interesting Point. (1)

Jay (1991) | more than 14 years ago | (#1692757)

I was wondering about that too. I've always thought it was easier to compromise a person than crypto anyway, so it would be easier to just shell out moolah to a disgruntled someone instead of all the cloak 'n dagger shenanagins. I like the super secret naming of the key too - "NSAKEY" Gee, who's that for? Not the NSA, they're not that obvious.....

If I were moderating.. (1)

florin (2243) | more than 14 years ago | (#1692760)

I would've at least considered tagging this with 'redundant'. The comments do not seem to contain any new evidence that we've not been able to distill from earlier discussion and the Microsoft press release, and the author's opinions aren't accompanied by any proof. I don't know the author's credentials, but you'll find as much speculation in any longer reply to a typical Slashdot article. Maybe as next step we'll get links on the main page to particularly interesting slashdot comments..

double bluff? (0)

Yarn (75) | more than 14 years ago | (#1692762)

or treble bluff, quadruple blu...

Received SIGSEGV -- core dumped

Conspiracy or not (3)

um... Lucas (13147) | more than 14 years ago | (#1692764)

This just shows again how Microsoft is content to dick around with the government and consumer alike.

Screwing the customer, by creating a secuirty mechanism that can be easily bypassed (if a replaces NSAKEY with a new one, then all your crypto modules can be replaced with insecure versions)...

On the flip side, they're blatantly disregarding the gov't's export requirements by allowing this key to be replaced abroad. So much for disallowing the export of strong crypto... They can just ship a weakened product and let people oversea's implement the changes.

No matter how you feel about encryption, privacy, etc... THIS IS A BAD THING. Bad for the consumer, bad for the government, and just bad policy. As we touched on in one of the previous discussions, why in the world did they need to create this "backup" key in the digital age?

I'd hope to expect that Win2000 ships with just a single key to compare signed code with, or at least bothers to check the signature of the back up key as well... Though I like the idea of myself being able to implement whatever cryptography I'd like, I don't trust anyone enough to go and implement new & imporved modules without my explicit approval

Weeeelllll... (1)

FascDot Killed My Pr (24021) | more than 14 years ago | (#1692765)

Third, why in the world would anyone call a secret NSA key "NSAKEY." Lots of people have access to source code within Microsoft; a conspiracy like this would only be known by a few people. Anyone with a debugger could have found this "NSAKEY." If this is a covert mechanism, it's not very covert.

I don't think this point is all that strong. Given that MS has made it possible for ANYONE to replace the crypto routines, arguments from "they aren't that stupid" don't hold any water.
---
Put Hemos through English 101!
"An armed society is a polite society" -- Robert Heinlein

CryptoAPI still not trustworthy. (5)

MAXOMENOS (9802) | more than 14 years ago | (#1692767)

I tend to agree with Bruce Schneider...Microsoft is probably not in league with the NSA to reveal all our secrets. But the CryptoAPI is still not trustworthy.

The strength of encryption is based not on how big the keys are (sorry, but 32kbit keys are just plain unneccesary), but on how hard it is to get the plaintext, based on the crypttext and other known information. If the secrecy of your credit card numbers depends on other people not knowing the algorithm, or the implementation, of your encryption, then your encryption is pretty darn weak. Once the algorithm leaks out (due to espionage or hacking), your secrets are out.

The best encryption for one to use has five components working for it:
  1. The algorithm is known
  2. The implementation is known (open sourced)
  3. The details of the development are public knowledge (this is why I would trust Twofish over, say, 3DES)
  4. The method has been analysed for possible backdoors and is considered secure
  5. The keyspace is large enough to make brute-force search impractical

In the case of the CryptoAPI, we don't have an open-source implementation, nor do we know the details of the development of the CryptoAPI. Microsoft has all this information and isn't about to release it to anyone. Because of this, we don't know if the analysis of the CryptoAPI is sufficient. Therefore, we should consider Microsoft's CryptoAPI package untrustworthy.

Re:It's (not) the NSA, stupid (2)

mwood (25379) | more than 14 years ago | (#1692768)

In VMS every system component is a part of some "facility", and each facility has a unique prefix used for avoiding symbol clashes. Some of the security code in VMS is allocated to facilities with the prefixes CIA and KGB. I really doubt that the latter was used to install a back door for someone else's spooks; it was just the developers having a little fun where (they thought) it wouldn't show too much.

Likely the same thing happened at MS but of course we're all primed to believe the worst of them. Sorta makes you glad your mother lectured you on the importance of maintaining a good reputation, doesn't it? :-}

Re:Still confused (1)

schporto (20516) | more than 14 years ago | (#1692769)

I may be willing to accept your reasons (although jms suggests there is no such mechanism so I'm not real sure). But why didn't MS give this explanation then? At MS' site on the subject it says the key is specifically for disaster recovery. Not anything else. I really still don't understand why DR could cause the neccesity of this.
Your explanation makes sense though. Theirs does not.
-cpd

Yet Another Debunking at The Register... (1)

SEE (7681) | more than 14 years ago | (#1692770)

See this [theregister.co.uk] article at the Register [theregister.co.uk] for another reason why this "NSAKey" isn't a Big Brother threat. In short, it says that the NSAKey amounts to a useful hook for people to make their copies of Windows more secure and the NSA's job harder.

OTOH, the Register article seems to imply that the NSA screwed up in allowing the export of Windows with such a hook, which counters the "NSA is too competent to be this dumb" approach to debunking the idea that this is an NSA backdoor.

But, whether a mistaken approval or an incompentent backdoor, it doesn't seem to be much of a real threat. All in all, it's only proof of nefarious intentions if you assume nefarious intentions to begin with.

But if I talk like this much more, the other Libertarians won't let me come to local party meetings anymore...

The FUD works backwards. (1)

Anonymous Coward | more than 14 years ago | (#1692771)

Isn't it funny that this time it may be an honest misunderstanding on Mickeysoft's part the FUD is gonna work against it major time. Manager Type: NSA key? there's an NSA key? those are the big bad guys right?

Roswell Revisited (5)

brennanw (5761) | more than 14 years ago | (#1692772)

Ladies and gentlemen, we apologize for this simple misunderstanding, but apparently the $NSAKEY was not, I repeat, was NOT, an NSA backdoor. After a thorough investigation and careful examination of all facts, it turns out that $NSAKEY was actually a weather balloon flying over some swamp gasses.

Previous reports to the contrary are false. Indeed, they never happened. In fact, I don't remember any previous reports to the contrary. In truth, I don't even know why I'm telling you any of this, because we have received no credible reports of an NSA Backdoor in any windows platform.

Next week we will start investigating reports that farmers are finding strong encryption algorithms burned into their crop fields. Until we discover more about this pheonomena, we are banning all crop exports immediately and reclassifying corn, wheat, and other grains as munitiions.

Thank you for your support in this matter.

Signed,

The Federal Government

Re:Conspiracy or not (2)

evilpenguin (18720) | more than 14 years ago | (#1692773)

The secondary key makes a great deal of sense. It's the MS implementation that is brain dead. I can think of two reasons to switch to a backup key. Destruction of the primary (they shouldn't have multiple copies lying around, so posit an explosion/flood/whatever destorying the primary). The second reason would be known compromise of the first key (Ballmer accidentally copied it to his laptop, an MS employee responsible for the key was bribed, whatever).

The problem with the MS implementation is that EITHER key is trusted! There should be a mechanism to switch keys in a secure manner such that one key becomes untrusted. As it is now, if one key is compromised, it will still be trusted!

No. (1)

??? (35971) | more than 14 years ago | (#1692774)

Microsoft is right about one of the issues here. A backup key is useful for key loss. If the private primary key were lost in fire, flood, stolen, etc. and there were no backup, CryptoAPI would very quickly cease to be useful, as no newer encryption methods would be able to be implemented under CryptoAPI. This means taht a backup key is useful.

Microsoft has, apparently done some things wrong here, though. As I understand it, the reason the primary key can't be changed is that the default CSP is signed with the primary key, and changing this key would render the system unusable. Had a necessary component been signed with both the backup key and the primary key, and both signatures tested for that component, it would become more difficult to change the keys and retain a useful system.

The other thing that Microsoft has messed up here is the issue of key compromise. Microsoft has focussed entirely on prevention on this issue, excluding contingencies where the keys are compromised. They speak of hardware, software and physical security to prevent key compromise, but there does not appear to be a mechanism for key revocation if and when these security mechanisms fail, and the key _is_ compromised.

Re:Weeeelllll... (2)

xxyyxxzz (87887) | more than 14 years ago | (#1692775)

For all the bad press MS is getting, is it possible that they made the second key weak for a reason? Think about it - by making this second key relatively easy to change, that means that non US/Canadian servers running WinNT could implement high security - a feature many outside these countries want. Although MS can't officially sell their software with this encryption, they can "mess up" and allow others to do it for them, thereby sticking it to the government.

How's that for a conspiracy theory?

Re:Most likely explanation is... (1)

Royster (16042) | more than 14 years ago | (#1692782)

I agree it is just that simple, except...

Except it *does* allow the NSA to change your crypto. Whether they would want to or whether they have a better way in through another security hole is debatable. The real point is that it is unnecessary for you and I to have a NSA key in our copy of Windows.

Re:Are they really advanced? (1)

CyberPup (87109) | more than 14 years ago | (#1692783)

Yes, I'd say they are definitely more advanced than the average /.'er. To think otherwise would be pretty naive.

BTW, your comment about "they don't develop their own technology" is a bit off.

Yes, they use Crays -- but they also have super computers that they develop in house (in whole or in part). One notable one they call "The Thinking Machine" was specifically designed and developed for crypto operations.

Re:not a coward, just forgot password (1)

um... Lucas (13147) | more than 14 years ago | (#1692784)

The way their OS handles the keys makes it pointless to have the secondary key. In order for a module to run, it needs to have a valid signature for either key. You can't replace MSFT's root key and still have Windows function, but you can replace the 2nd key (NSAKEY) and have it function fine.

Yes, customers can replace the key aboad in order to implement whatever crypto they want. But a virus could subistitute the second key with one of it's own and then change the default crypto from _____ bit (128 bit?) to 1 bit if it felt like it. Your data would still appear to you as being scrambled, windows would accept this new encryption scheme and everyone involved would think it's all hunky dorey.

Yes bruce is an expert on the topic... We're no longer talking about NSA conspiracies here, and just thinking of Windows security issues. That key will not permit them to run word processing programs without your knowledge. It just is a public key for windows to check the validity of crypto modules. He himself said that in all likelyhood the NSAKEY isn't there for the NSA. So then, why do you want to remove that key, anyways?

Additional copies of the key (1)

??? (35971) | more than 14 years ago | (#1692785)

Since Microsoft relies exclusively on prevntative security measures to protect the private key(s) from being compromised, any measure which would reduce this security is unacceptable. More copies of the key makes it more difficult to maintain security and ensure that the private key is not compromised (as opposed to lost).

Re:Then why do you care at all? (0)

Anonymous Coward | more than 14 years ago | (#1692786)

MS is made up of People.

So is soylent green, but neither one is good for you.

Re:Here's a better explanation: (0)

Anonymous Coward | more than 14 years ago | (#1692787)

The NSA got their own CSP verification key, because they want to be able
to change their own secret US government CSPs required for the handling
of classified documents, without having to go to Microsoft each time to
get a signature for an NSA CSP update.
....

Please apply a bit of simple critical thinking here:

If the NSA wanted to have real backdoor functionality, they would much
more likely simply steal Microsofts own keys instead of embedding
additional keys with an obvious symbol name. Remember: The NSA is the
world's largest key thief.


Well there's a contradiction here. If NSA uses Windows based systems to protect their secure data, how smart can they be?

Re:It's (not) the NSA, stupid (0)

Anonymous Coward | more than 14 years ago | (#1692788)

Man, NSA and Microsft make tons of mistakes everyday. This one just got caught.

Re:It's (not) the NSA, stupid (1)

kyanite (73015) | more than 14 years ago | (#1692789)

Really people, as big as Microsoft likes to think they are, the NSA is bigger. The NSA wouldn't need anything sneaky. They could just seize the private keys from Microsoft. It would be easier and cheaper than having to make any silly deals with Microsoft. I don't see the NSA making deals with any other encryption based products. I don't think there are any back doors in PGP or GPG that allow them to break any cipher. The NSA will simply pick you up, take you to their place, and force the private key out of you. It is probably more fun that way anyway. I believe Bruce is right. The man knows what he is talking about.
_________________________
Words of Wisdom:

I did NOT sleep with that woman. (4)

flatrbbt (25980) | more than 14 years ago | (#1692790)

Unfortunately, MS suffers from the same credibility gap as certain others do. The surest way to know they are lying is to check and see if their lips are moving.
Even after their answers, The questions remain.

Why are there 2 keys?
Why are the keys replacable?
Who has had access to them? aside from a hoarde of programmers doing daily builds.
Doesnt the daily build mean the two keys are stored in the same building?
Is only 1/2 oh this building "natural disaster proof"?
What happens now that the key locations are known?
How long before they are cracked?
Once they are cracked, cant I use ms_key to replace nsa_key?
Have your keys been replaced?
Will they be replaced again.
Can they be replaced via activeX/java?

All in all, I find the story without credibility.
The tone in his second writing does not support the tone of his first.
What changed his mind? Why is this such an insignificant security hole in comparison to the major hole at the time of the first writing?
Who convinced him otherwise?

I am sorry, but having listened carefully to this and other arguments presented by MS and its minions, I will need some convincing.

Until then, I will continue to recommend that all MS products be removed from "secure" corporate machines.

Steve Ruyle

The keys are NOT for integrity protection... (3)

DiningPhilosopher (17036) | more than 14 years ago | (#1692791)

There's at least one thing Microsoft and Schneier are not kidding about - the MS CAPI verification keys DO NOT PROVIDE SECURITY, nor do they intend to. They enforce export restrictions.

If you send Microsoft a CSP which encrypts data by XOR'ing with a stream of zeroes they'll sign it as long as you have the appropriate license. They don't care, nor should they.

Think about it. If Microsoft were actually certifying that any signed CSP provided a good strong crypto implementation, then any customer who discovered a flaw in a signed CSP could sue. And would. Microsoft wouldn't even consider putting themselves in that position.

Therefore if I work for the NSA and I want to install a crippled CSP on your system, I ask Microsoft to sign it. And they will, no security questions asked. The only thing having my own key would buy me is not having to wait for them to get through the process.

Ironic if true. (1)

jflynn (61543) | more than 14 years ago | (#1692792)

If the NSAKEY is there to support NSA, or put there at their own request, it's highly amusing.

The one documented effect of the second NSAKEY is to defeat strong encryption control on Windows.

No matter which side of strong encryption debate you're on, Microsoft has probably lost reputation over this. Don't be surprised if an order for RedHat CDs arrives from Maryland... :)

Re:Are they really advanced? (0)

Anonymous Coward | more than 14 years ago | (#1692793)

Past evidence shows the NSA being a lot further ahead in the crypto game than the academic crypto community (and in turn, the academic crypto community is a lot further ahead than the average /. poster). The DES S-boxes are just one example. Times are changing, but if you asked me whether I'd use a cipher designed by the NSA or one designed by a Slashdot AC (yes, I know the irony) I'd pick the one designed by the NSA. Both of them will probably be readable by the NSA, but the reason that Fort Meade's cipher will be readable is a backdoor, not poor design. :-)

Re:NSA...ther're no dummies (0)

Anonymous Coward | more than 14 years ago | (#1692794)

You don't understand Echelon or how NSA works. First of all, if the NSA is caught spying on a US citizen then they are in deep shit. echelon works by gathering all the data it can and then uses an alogrithm to pick out interesting bits from all the data. Its a lot easier to grab everything than to hunt for specifc thiings.

Re:If I were moderating.. (2)

Thagg (9904) | more than 14 years ago | (#1692795)

I don't have my copy of the first edition of Applied Cryptography with me, but as I recall Schneier is basically an amateur cryptographer. When he started writing Applied Cryptography he knew very little about it -- and while he learned a tremendous amount as he wrote it -- he has no formal training in the field. Formal training isn't everything [read the very entertaining 'Between Silk and Cyanide' for another amateur's good work,] I wouldn't view Schneier's credentials as impeccable.

If I recall correctly, there are several warnings in AC (at least the first edition) warning against using the work of amateurs.

That said, Blowfish and Twofish do seem to have passed muster with world-class cryptographers, which is a tremendous achievement; and I have tremendous respect for Schneier.

thad

It's a PR issue (2)

Otter (3800) | more than 14 years ago | (#1692796)

But why didn't MS give this explanation then? At MS' site on the subject it says the key is specifically for disaster recovery. Not anything else. I really still don't understand why DR could cause the neccesity of this. Your explanation makes sense though. Theirs does not.

I was wondering about that, too. Why would they give an explanation that clearly makes no sense? I think it's a PR concern. Talking about natural disasters is OK -- publically raising the issue of a compromised key is not.

The real importance of the NSAKEY debacle (4)

The Welcome Rain (31576) | more than 14 years ago | (#1692797)

The true importance of this news item never had anything to do with practical matters of security. If you're concerned with and knowledgeable about computer security, you're probably not using Windows -- especially if you're trying to keep the NSA out.

The real issue is the effect this story will have on Microsoft's international image. They are already considered to be very Americocentric (as are many other American companies, to be fair). Remember Microsoft's refusal to produce an Icelandic version of Windows [seattletimes.com] ? They ticked off lots of non-Americans with that move, not all of them in Iceland.

The idea that Microsoft would truckle to the whims of an American intelligence agency only worsens the problem. It didn't turn out to be true, but people aren't going to remember that. They'll remember the accusation far longer than they'll recall the exoneration.

It sucks, but the truth just isn't an important factor in shaping public opinion. Microsoft lost big on this one.

--

+1 Offtopic, Humor (1)

Anonymous Coward | more than 14 years ago | (#1692798)

Let's face it, if you are depending on Windows for security, you have more problems than the NSA :)

Finkployd

Re:Did he SAY they use Unix..? (1)

RGRistroph (86936) | more than 14 years ago | (#1692799)

I think really sensitive information might be stored on a windows machine if that was what they wanted for the job at hand.

The security is more likely to be enforced through no network connection, being in a metal room so that no electormagnetic signals can escape, and simply never allowing any recording media of any sort to leave the room once it has entered. Beepers, cell phones, and other electronic devices will also never enter and especially never leave that room. Really secrete places probably have filters on the power or their own power supply so nohting can escape over that channel either. No modem will be left in a computer connected to a live line (there is probably not a live telephone line in the room) so no trojan process can dial out in the middle of the night and up load stuff.

The secrete data can then be manipulated with whatever software you want. Given such a situation, how would you steal data ? You might slip them a messed up copy of something so they'd loose their data or otherwise sabatoge the effort, but there is no channel for you to receive information on the outside.

conspiracys... reasons why not (1)

The_Jazzman (45650) | more than 14 years ago | (#1692800)

Hey all,

OK, people have been saying 'It *must* be the NSA' for this Microsoft 'key'.

Now, there are a lot of conspiracy theorists out there that would say this is the NSA. There are even more that believe in the coverup of Roswell et al. Some even believe the X-Files is real...

Here's a thought - IF the Government is so powerfull and has been so good at keeping secrets, how come they are pretty inefficient in comparasin. Surely if the Government was able to keep all of these things secret and so effeciently then why do we still have crime on the streets ? Why are there still the unemployed... makes you think...

As I think a couple of other people have said, is it not plausable that a MS programmer thought of a name for a key and then thought of the NSA... bet he's laughing if he did... otherwise we better start to worry ;-)

Amateur status (1)

phil reed (626) | more than 14 years ago | (#1692801)

Everybody starts out as an amateur. Bruce Schneier isn't an amateur any more.


...phil

The best hiding place is in plane sight... (1)

severed (82501) | more than 14 years ago | (#1692802)

>>"NSAKEY" Gee, who's that for? Not the NSA, they're not that obvious.....


Of course, if everyone didn't take it seriously because they believed that it was "too obvious" and that it "couldn't be true," then it could be even more powerful than if it were kept secret.

Just a conspiracy nut theory... Personally after reading through all the commentary and articles it just seems to be a bit of sensationalism. The buffer overflow security flaws in IIS is a much larger security risk than this issue....

This only happens because we cannot see the source (0)

Anonymous Coward | more than 14 years ago | (#1692803)

If you use Open source, you just have to read the code. simple. faster and more elegant.

Re:Are they really advanced? (0)

Anonymous Coward | more than 14 years ago | (#1692805)

Well, according to http://www.milk.com/wall-o-shame/gray_men .html, the NSA is a couple of centuries ahead of the rest of the world in maths theory ;)

Re:NSA = Initials??? (1)

Slothrup (73029) | more than 14 years ago | (#1692812)

Even better, NSAKEY happens to be an anagram for SNEAKY.

Re:hmmmm (1)

markjrubin (88076) | more than 14 years ago | (#1692813)

It was a joke. Please don't take offense.
Mark

Schneier should not attack Microsoft in this way (1)

konstant (63560) | more than 14 years ago | (#1692814)

Many of you apparently view this comment from Schneier as some sort of vindication of Microsoft. I see it in quite another light. Before I criticize the man, let me clarify that I have read his book and that I do greatly admire him.

Those who have observed that Schneier's press release adds little to the discussion are correct - nearly. True, he says nothing that has not already been said several times elsewhere, including a regurgitation of the Microsoft party line and some humorous commentary on the inappropriate name this key received in the debugger.

But he does add something. He adds a snide and technically unjustifiable comment about Microsoft cryptography, implying that it is deficient:

Microsoft has two keys, a primary and a spare. The Crypto-Gram article talked about attacks based on the fact that a crypto suite is considered signed if it is signed by EITHER key, and that there is no mechanism for transitioning from the primary key to the backup. It's stupid cryptography, but the sort of thing you'd expect out of Microsoft.

This is not the "sort of thing" I'd expect out of Schneier. He behaves as though he has never heard of a Certificate Revocation List. CRL's are fully implemented in Internet Exploder (although for sound connectivity reasons online checking is turned off by default. see Tools|Internet Options|Advanced) CRLs are not only an adequate means of revoking compromised public keys, they are an internet standard.

Schneier's article appears to contribute nothing to this discussion other than an unjustified punch below the belt. I admire the author of Applied Cryptography too much to let this attack pass without voicing my disapproval. Schneier has already made his name. He has nothing to gain from pinching the schoolyard bully and then running away.

-konstant

it wasn't *HIM* who said it (1)

delmoi (26744) | more than 14 years ago | (#1692815)

It was another site, I think it was the CCC, but I'm not sure. we were also reading what was probably a bad translation from german as well.

in any event, I agreed with this guy, and was *amazed* at all the people who didn't even really take into consideration what was happening. I mean, they just jumped right on the band wagon. I'd be willing to bet that a lot of the posters didn't even bother to read the story...
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?"

Re:hmmmm (0)

Anonymous Coward | more than 14 years ago | (#1692816)

Think he got a call from a lawyer? I do. Mark

So, you're basically issuing an open accusation of Schneier's integrity.

Umm, who the hell are you?

Re:SPOILER! (code solution) (0)

Anonymous Coward | more than 14 years ago | (#1692817)

man youre a twit. it took me 10 seconds. 20 MINUTES ?? jeez.

What if the key were *meant* to be replaced? (1)

IIH (33751) | more than 14 years ago | (#1692818)

Given two opposing stories, the truth often lies somewhere in the middle. MS on one side says it's a backup Key, and this article suggests it a key for NSA to do the signing themselves. Lets throw together some wild thoughts and see where it goes...

a) Several people have commented that it is possible for the key to be replaced and load other "signed" crypto modules.
b)MS cut a deal to enforce signing crypto modules, to enable them to export windows. If NSA wanted to load modules without MS, they'd need a key.
c) People were initially scared that this key would allow NSA to install modules on their machine.
d) The keys are actually used to verify crypo before loading, if it passes the signature, it'a trusted and will be used.

Would the NSA not be equally scared of someone signing a crypto module and getting it loaded and trusted on their machine? Now think, windows is exported worldwide, and if this article is correct, then so is the NSA public key. How likely is that? (Hint: which is easier to detect, a online hacker trying to logon directly, or a remote hacker cracking your /etc/passwd?)

So, what if this key was just inserted as a "placeholder" and within NSA, there is a "hardening" program which replaces the placeholder with their own. This could explain
a) That MS would indeed have access to the second key (ie the "backup")
b) That NSA do load crypto signed by themselves
c) Why it was called an obvious name, as it was meant to be replaced later.

Fun to think about, eh?

--

Re:Here's a better explanation: (0)

Anonymous Coward | more than 14 years ago | (#1692821)

As opposed to Unix - paragon of security awareness these last 25+ years. What a frigging joke.

Re:Not MS's idea, it was the NSA's idea (1)

jflynn (61543) | more than 14 years ago | (#1692823)

True, NSA could be called expert in this area. But don't lose sight of the fact that they oppose general use of strong crypto both domestically and abroad. You shoudn't assume their interest is in improving MS's crypto security just because they know a lot about the subject.

There does not seem to be any irrefutable evidence that NSA's intention was to weaken crypto or backdoor Windows in this case, I agree.

Re:Are they really advanced? (1)

.pentai. (37595) | more than 14 years ago | (#1692824)

1st) I didn't mean to say the average /.'er but was too lazy to type out a full word. In a rephrase, are they that much more advanced than freelance computer scientists? I think not.

2nd) I was under the impression that they simply "overtook" the thinking machine from a seperate corp. claiming it was illegal...not sure where I read that, but oh well, wouldn't be the first time something I've read was inaccurate.

Re:hmmmm (1)

Pac (9516) | more than 14 years ago | (#1692832)

How so? Everything Schneier said about the NSAKey problem up to now is almost exactly what is now published in his site. And he is probably one of the most capable persons to comment on it. I will go with his opinion on any crypto matter over the opinions of every journalist that has written about it, any day.

So, please give references to what you are saying.

Still confused (3)

schporto (20516) | more than 14 years ago | (#1692833)

Can someone explain the MS response? Why do they need the backup? If you have a natural disaster where the primary key is held then the backup key would be used which is held at a different place. Why not just have 2 copies of the primary key? I hope there is something obvious that I don't see.
-cpd

maybe (1)

darklink (79588) | more than 14 years ago | (#1692834)

well i think that maybe the nsa didnt put this key
now if it has other maybe , i think that hte keys are there for what ms wants and not what they say
peronaly i dont like the idea of letting ms have any key control in an os. the "back up key" idea was altough thought full it can be used as an exploid , and i dont trust ms enuf to tell me the truth. sorry it is just me being paranoid

Beleiving everything you read. (5)

SteveX (5640) | more than 14 years ago | (#1692835)

This whole issue has been fun to watch. When I read the first message about how Microsoft had the NSA key in Windows, I kinda wondered if they would really do that.. Couldn't really decide either way.

But the number of people that read it and instantly assumed it was true was astounding. I've had friends ask me out of the blue about it. I've heard of it through mainstream media. I've seen story after story about it.

Most of the the media people still won't admit it was jumping to conclusions. That's what really bothers me. They're mostly sticking to the "well Microsoft says it's false but who can know for sure" lines to cover their own asses (and credibility).

A Wired story [wired.com] says "Questions lingered Friday over whether or not security experts overreacted to a scientist's charge that Microsoft built a backdoor in Windows for a US spy agency to enter". Isn't it fairly clear that they overreacted? Or is this going to happen again the next time?

(If it's a real issue, like the Hotmail thing, then they deserve to get slammed... but come on, let's verify this stuff before we go nuts).

Re:If I were moderating.. (1)

GnrcMan (53534) | more than 14 years ago | (#1692836)

Ummm...Bruce Schneier is the author of "Applied Cryptography". If anyone has impecable crypto credentials, it's him.

NSA...ther're no dummies (1)

Anonymous Chemist (62398) | more than 14 years ago | (#1692837)

I agree with the other poster.
Hmmmm....with Echelon, the NSA would really have no need for a backdoor to Windblows; but then gain; how hard is it to crack Windblows?
The NSA has some of the best crypto/math folks; so you really need to ask yourself if they would leave something so obvious. They are a little more adept than that.

The author's credentials (4)

Pac (9516) | more than 14 years ago | (#1692838)

Bruce Schneier:

- Wrote "Applied Cryptography", the best introductory book to the field of cryptography and cryptanalysis;
- Wrote the Blowfish algorithm;
- Wrote with others the Twofish algorithm, one of the finalists of NIST's new Advanced Encryption Standard

There is a lot more. Look around the site...

Most likely explanation is... (0)

Anonymous Coward | more than 14 years ago | (#1692839)

...That the NSA simply wants to install their own
damn 22nd century crypto modules without
having to e-mail them to Microsoft to get
them signed.

Which is what Bruce is saying.

I honestly think it is just that simple.

-- cary

The following 4 questions are still not answered: (3)

CocaCola (30016) | more than 14 years ago | (#1692840)

1) 'Lots of people have access to source code within Microsoft;' - maybe, but most people have only access to code they develop, in fact only a handful of people have 'full' access. Even fewer people have access to the keys themselves. The Caldera antitrust suit brought up some very interesting Microsoft-internal documents that have relevance now: a dozen DOS engineers were reassigned to work on making DrDOS 'as incompatible as humanly possible'. 'Normal' DOS engineers did not even know about this team, the team's real duty was only known to the vice president (Brad Chase in this case). And DOS only had a couple of tenthousand lines of code - with NT's millions lines of code it's not at all hard to 'hide' activity and shield off even top developers from 'the realities of RL'.
2) 'It's called "NSAKEY" for some dumb reason' - yeah, and the symbol name got stipped off from _all previous shipped Windows releases_ (a couple dozen ones, not including localized versions), while $KEY was not stipped? You got to be kidding. $NSAKEY within a crypto module means only one thing.
3) 'There are just too many smarter things they can do to the unsuspecting masses.' - face it, the Microsoft monopoly is valuable to the signal interception community in this regard: it's everywhere. You will not find a single piece of software more widely installed.
4) What was the deal Microsoft cut with the NSA which (uniquely amongst OS vendors) enables them to ship a Crypto API. Crypto-enabling APIs are explicitly forbidden by US export controls, even if they do not ship strong crypto. What was the 'deal' with the NSA?

Re:Still confused (2)

Zico (14255) | more than 14 years ago | (#1692841)

It's not just for natural disaster. If they need to revoke the original key for any reason (like say it got cracked), then the backup key could be used to verify the replacement key for the original.

Cheers,
ZicoKnows@hotmail.com

Re:You made the laws, now enforce them! (0)

Anonymous Coward | more than 14 years ago | (#1692842)

You nutsack. It's an unjust law - obviously - but you'd rather it be enforced against Microsoft just because you're a rabid anti-MS nerd than the law be done away with. Your thinking skills and ethical level are those of a three year old's. The law sucks - more power to anyone who gets away with breaking it (which Microsoft hasn't, but I'm going along with your silly little premise as a point of argument).

Re:NSA...ther're no dummies (1)

Anonymous Chemist (62398) | more than 14 years ago | (#1692843)

Right!!!!! The NSA would never decrypt data from inside the US. Just like Drug Task Forces never do anything illegal in the (justified) pursuit of illicite drug manufacturers. What Planet are you from?
You assume from naivite that I don't understand the NSA or Echelon. One comment doesn't mean I'm stupid.
Nonetheless, you're naive if you think that the Feds stop gathering data (in any fashion they want because there's a law.) They just can't use that stuff in court; but they do use it to focus the investigation.
I'll bet all those guys just shiver in their boots at the thought of using their collection methods in the US......Yeah right/.

Did he SAY they use Unix..? (0)

Anonymous Coward | more than 14 years ago | (#1692844)

Any tier-1 sensitive info isn't going to be on any OS that you've ever heard of.

Re:hmmmm (1)

markjrubin (88076) | more than 14 years ago | (#1692845)

I'm Mark Rubin. Nice to meet you Mr. Coward. Humor people. Humor.

Mark

Re:The following 4 questions are still not answere (1)

jzitt (1054) | more than 14 years ago | (#1692846)

2) 'It's called "NSAKEY" for some dumb reason' - yeah, and the symbol name got stipped off from _all previous shipped Windows releases_ (a couple dozen ones, not including localized versions), while $KEY was not stipped? You got to be kidding. $NSAKEY within a crypto module means only one thing.

Only one thing? Those of us who don't jump immediately into paranoia mode can picture M$ engineers, having to name the thing, laughing their asses off when they realize what will happen when conspiracy junkies see the name and using it as a gag.

There are other, even goofier possibilities, not to mention the quite reasonable ones brought up on NTBugTraq.

Re:It's (not) the NSA (Stupid!) (1)

Prote O' Zoa (84397) | more than 14 years ago | (#1692847)

It's gotta go in the code somewhere, man.

Incompetence? (0)

Anonymous Coward | more than 14 years ago | (#1692848)

I think it is entirely plausible that the NSAKEY is there to allow the NSA to install CSPs for their own use without microsoft have to sign them. Only one thing that makes me wonder. I think it is a safe assumption that the NSA either reviewed the CryptoAPI code before it was release or certainly after the product shipped to make sure that it worked as advertised. I mean the point of the whole system is to keep higher bit encryption from being exported. Since there is no check on NSAKEY and it can be replaced with any key allowing any CSP to be installed, the whole thing is useless. Either the NSA is completely incompetent or something else is going on.

Somewhere, someone is laughing (1)

Anonymous Coward | more than 14 years ago | (#1692850)

Come on.. all you coders out there..

TELL me you dind't put something humorous in your code. TELL me you didn't. I've got one program that has in it:
const int answer = 42;

JUST for the hell of it. Some Microsoft programmer somewhere is laughing his ass off that he got ALL of you to fall for this..

Magnwa

Re:Amateur status (1)

florin (2243) | more than 14 years ago | (#1692852)

Couldn't agree more, and I would like to point out that I didn't post to question Bruce Schneier's authority, only to point out that the comments themselves were not all that informative. I mentioned credentials because I didn't know him and I figured his word must carry some weight if they're putting him on the front page in the first place. As a follower of the threads here on Slashdot about the second key issue I had seen the same type of estimates and guesses in them like in Bruce's comments, mainly about human character ('noone would be that stupid'), but not any real new data. And some of the questions he poses had already been answered in the Microsoft press response. I figured most people agree the whole thing is a non issue by now, which is why the word 'redundant' came up in my mind.

Maybe it would be an interesting addition if we could indeed rate the original articles themselves, just like we can rate comments and moderation. Although often written by professional journalists and scientists, they're still just as subject to quality variations as the comments. I've seen unsatisfying articles about interesting subjects. Anything for making reading more efficient, no? It might be a chance to promote particularly well written articles about the subjects that typically get a little less feedback than others (non-Linux advocacy like stuff, for instance ;))

Dumb Mistakes (eg. the atom bomb) (3)

Critter (9014) | more than 14 years ago | (#1692854)

A fellow graduate student from England told me a story a few years ago about American Intelligence and the atom bomb. The Manhatten Project was our top top secret; we wouldn't even tell our allies about it. However, when the device was detonated, possibly over Hiroshima, the U.S. government gladly distributed time elapse photographs of the expanding mushroom cloud: What a historic moment! What an achievement! From this little bit of information British scientists, and possibly others, were able to deduce the critical mass of U238.

People are careless, dumb and vain: one of the reasons security through obscurity is a bad idea.

Yeah, but... (0)

Anonymous Coward | more than 14 years ago | (#1692862)

1) He says it might be an NSA key for the purpose of letting them install and use their own encryption, without running it through Microsoft. Perfectly legit, but this does have the side effect of letting them install it on your machine too. If they have the key, they have the key.

2) It is silly of them to call it NSA_KEY, but in all previous versions the label was removed. In the latest service pack it was left in, apparently by mistake.

No conspiracy maybe, and it's a good point that for the NSA a backdoor like this is pretty much superfluous. But let's not cut them more slack than they deserve.

If it is an NSA key, I love the irony--since it enables a simple utility to disable the export protection for the cryptoAPI.

Here's a better explanation: (5)

mrneutron (61365) | more than 14 years ago | (#1692863)

From BugTraq. It's not on their archive (yet) at www.securityfocus.com, but will be soon:


From: Markus Kuhn
Subject: Re: NSA key in MSFT Crypto API

The actual funny story behind the presence of the NSA key has been
seriously misunderstood here. CSP verification keys have only one *real*
purpose: They are intended to enforce the US export restriction
requirement that Microsoft is not allowed to ship software abroad that
can easily be extended with strong cryptography. They are certainly not
intended as any useful form of integrity protection for your system.

The NSA got their own CSP verification key, because they want to be able
to change their own secret US government CSPs required for the handling
of classified documents, without having to go to Microsoft each time to
get a signature for an NSA CSP update. Fair enough. So Microsoft built
in a second verification key such that the NSA can produce and install
on DoD PCs their own CSPs without requiring any Microsoft involvement.

The real funny part is that Microsoft did not protect the NSA key
particularly well, such that everyone can easily replace the NSA key
particularly well, such that everyone can easily replace the NSA key
easily with his own key. This was reported by Nicko van Someren at the
Crypto'98 rump session. This means that everyone can now easily install
his own CSPs with arbitrarily strong cryptography. This means that the
NSA's demand to get quickly a second key added led in effect to the easy
international availability of strong encryption CSPs. My guess is that
this is Microsoft's sweet revenge against the NSA for creating all these
Export hassles (e.g., the requirement that CSPs be signed) in the first
place. It backfired nicely against the NSA. :)

All this has nothing to do with an NSA backdoor, because the CSP keys
are an export enforcement tool and not an integrity protection tool.
They do not protect all parts of the system that could be compromised by
someone who wants to install some eavesdropping malware. The CSP
verification keys only authenticate that no cryptography that violates
export laws has been installed. If you are worried about the NSA
installing malicious software on your PC, you should not rely on the CSP
verification keys (which were never designed for that purpose anyway),
but on virus scanners with tripwire functionality that report any
modifications to your DLLs. There is no digital signature functionality
required to implement these, simple secure hash algorithms will
perfectly do.

Please apply a bit of simple critical thinking here:

If the NSA wanted to have real backdoor functionality, they would much
more likely simply steal Microsofts own keys instead of embedding
additional keys with an obvious symbol name. Remember: The NSA is the
world's largest key thief. They have stolen crypto variables from
well-protected military and government agencies from all over the world
using the usual repertoire of techniques (bribery, extortion,
eavesdropping, hacking, infiltration, etc.). If they can do it with
eastern military agencies, they can most certainly also do it easily
with Microsoft, which is orders of magnitudes less well protected than
the usual NSA target. If there is a real NSA backdoor key in Windows,
that it would certainly be identical to Microsoft's own key.

Markus

Re:NSA...ther're no dummies (0)

Anonymous Coward | more than 14 years ago | (#1692864)


Exactly. No one would suspect something so obvious. It's the old "Hide in plain sight" technique.

Woops.. just looked at the time. Gotta go let the Roswell aliens out, and then it's time for JFK's 2pm feeding.

Re:It's (not) the NSA, stupid (1)

jafac (1449) | more than 14 years ago | (#1692865)

Well, last time, the naysayers said that NSA in "NSAKEY" didn't stand for "No Such Agency".

Then, Microsoft's official press release said it DID. (tho they downplayed the significance).

I tend to NOT side with the naysayers.

Besides, everyone knows that NSA stands for:
Naysaysers of Slashdot Association.

"The number of suckers born each minute doubles every 18 months."

Re:Still confused (2)

jms (11418) | more than 14 years ago | (#1692866)

However, there is no mechanism in place for key revocation, so this explanation is not valid.

Re:NSA...ther're no dummies (0)

Anonymous Coward | more than 14 years ago | (#1692867)

Echelon just listens, it doesn't do them any good if the traffic is encrypted.

Re:It's (not) the NSA, stupid (1)

jafac (1449) | more than 14 years ago | (#1692868)

and as far as the ease of which this can be found, and how "obvious" it is.

The NSA does not have to answer to anyone. And they probably DO have more well hidden means to get at your data. But their attitude about this one probably is: "So, what are you going to do about it?"

"The number of suckers born each minute doubles every 18 months."

Speculation. Astute speculation but still... (1)

bughunter (10093) | more than 14 years ago | (#1692869)

... only speculation. Bruce doesn't have any evidence other than his keen common sense. And although I would tend to agree with him, there's the reports that the NSA put backdoors into export versions of Lotus Notes [heise.de] from earlier this year.

I can play the speculation game, too. Spooks may not choose the obvious paths of least resistance, because they're too obvious. When it comes to rogue bureaucracies, you can't take anything for granted.

Re:SPOILER! (code solution) (2)

Icepick_ (25751) | more than 14 years ago | (#1692870)

Just in case you cant figure out the code...

"Enjoy the book"

Took me about 20 mins to figure it out.

Very cool.

Are they really advanced? (1)

.pentai. (37595) | more than 14 years ago | (#1692871)

I'm just curious as to why everybody seems to think that the NSA is so far advanced over the typical /.'er. Granted they have a large budget, they don't develop the technology, they simply pay others to.

So sure they may have thousands of cray super computers, but I doubt they have something so powerful as to blow us away with.

They are, after all, people to.

NSA = Initials??? (1)

NutZac (18515) | more than 14 years ago | (#1692882)

Anyone think that NSA might be someone's initials? Maybe a Microsoft employee... or an honorary link to Neal Stephenson (NS)? Just a thought...

Re:Most likely explanation is... (1)

Raetsel (34442) | more than 14 years ago | (#1692883)

To quote Bruce Schneier:

  • "...
  • Two, that it is actually an NSA key. If the NSA is going to use Microsoft products for classified traffic, they're going to install their own cryptography. They're not going to want to show it to anyone, not even Microsoft. They are going to want to sign their own modules. So the backup key could also be an NSA internal key, so that they could install strong cryptography on Microsoft products for their own internal use."

You know, this fits my vision of the NSA.

Think about this: If they actually wanted a backdoor in windows, it wouldn't be vulnerable to some MicroSerf in a non-descript cubicle who forgot to rename a crypto key.

It'd be like the first versions of Win 3.0 with that mystery module (the only one that was encrypted). Remember? The one that caused a FUD message when used with DR-DOS? They're sneaky like that (Both Microsoft and the NSA!)

Also, IIRC, these signature keys are only if you want to use the MS Crypto-API. If you've rolled your own (encryption, that is), then you can install it just like another program.

I wonder how all this affects PGP and GPG on Windows platforms...?

Re:Here's a better explanation: (2)

platypus (18156) | more than 14 years ago | (#1692884)

This was reported by Nicko van Someren at the
Crypto'98 rump session.

Markus Kuhn was cited in a news-posting I read, and he mentioned the ncipher [ncipher.com] , who apparantly used this trick before to get their strong encryption (hardware!) into the windows api. One of their founders is said Nicko van Someren.

Re:NSA = Initials??? (1)

platypus (18156) | more than 14 years ago | (#1692885)

I'm just leeching what somenone said before on slashdot, but
N S A=Netscape + Sun + Aol , get the picture?
Poor Microsoft ...

Re:Weeeelllll... (1)

sethg (15187) | more than 14 years ago | (#1692886)

The "they" in "they aren't that stupid" refers to the NSA, not to Microsoft.

If the NSA cracked codes the way Microsoft writes software, foreign spies could send all their messages home encrypted with rot13. :-)

I don't buy the don't buy (1)

Bobzibub (20561) | more than 14 years ago | (#1692887)

He said that they could get MS to sign NSA's modules-- I doubt if they'd want MS in the loop. Think of all the people who suddenly become involved and could talk later.

The NSA does not require a _NSAKEY in *all* the world's MS windows, only their internal ones. They would use a utility such as the one posted to simply change MS's key to their own.

Attacking a random number generator would be one of the first things I'd check if I was paranoid enough and writing my own encryption software. Hell, why not bypass MS's random number generator all together?

Sure one can break into Windows and do all sorts of nasties. These points of entry could be found out too by hackers and publicized.

If I was running the NSA and had my morality chip off line (you should in that case all be scared silly), I'd have *many* diverse points of access into MS products, not just one or two. This allows for flexibility of attack and robustness given the slow evolution to more secure OSs.

I'd also get some of my pals deeply involved in Linux, and *BSD but thats another story.


cheers all.

Re:SPOILER! (code solution) (1)

CharlieG (34950) | more than 14 years ago | (#1692888)

That long?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...