MS response to NSA key backdoor in Windows 344
CitizenC writes "Microsoft has responded to the report of the allegations of leaving a backdoor in all of its products for the NSA. "
"If I do not want others to quote me, I do not speak." -- Phil Wayne
Re:NSA Key "unfortunate naming" (Score:2)
Either their explaination is a lie or they're dumber than I thought. Think about it...
If you're worried that you might loose your car keys, do you install a special lock and have two different keys, or do you just have a duplicate key made?
Stupid MS web server has bugs again... (Score:1)
Microsoft VBScript runtime error '800a000d'
/security/inc/scripts.txt, line 279
Type mismatch: 'CInt'
Great. Enterprise-class reliability, huh?
-----
Re:Problems in M$ statement (Score:1)
Does Microsoft have a choice if the NSA requires them to give up a key?
Something still stinks...
numb
Re:Problems in M$ statement (Score:2)
Considering that it's easy to just hexedit a new key in, that makes little sense. Besides that, you couldn't effectively revoke the old key since a great deal of crypto modules would depend on it, and the users would likely just ignore the 'upgrade'
Re:seems to me they admit it (Score:1)
http://www.microsoft.com/security [slashdot.org] -->
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
Re:Once and for all - not a back door. (Score:1)
I don't know if the so-called "NSA key" has actually been supplied to the NSA, or even if Microsoft takes much care to look after it. Unfortunately, each key that Microsoft adds will make their operating systems less secure..
Re:Backup key? -- With proper procedures (Score:2)
If each backup of the key is in eight pieces and in eight different places, there is a backup but stealing the backup is much more difficult. Proper procedures would involve a variety of protections, such as banks with no corporate relationships, vaults of different types, and differing attack types required. For example, a key piece inside a clear jar embedded in plastic hanging from the ceiling of the lobby of Microsoft headquarters would require a different theft method than the key pieces in safety deposit boxes, or the key piece tattooed on a director.
A key can be backed up in ways which make it difficult to reassemble, but the key can still be secure while it is backed up. Particularly if the backups were also encrypted so a piece is even less useful...and the key for the backups does not need as much security as the backups themselves so one does not have to repeat this process ad infinitum.
Re:Followup (Score:1)
Nope. The source will just tell you what we already knew:
To find out why there are two keys we would need to ask the people responsible. The answer to that is not going to be in the source. (Maybe a comment might have the answer to that question, but in my experience things like that generally are not commented.)
Someone later down said that MS must be hiding things if they stripped out the variable names. Well, if I may use hyperbole to make my point, All commercial releases of everything strip out all variable names! The weird thing is that they forgot to on one service pack, not that they did before.
let's think it through, people (Score:1)
Of course they deny it. If they acknowledged placing such keys, they would embarass themselves and the NSA (and would then have to concoct some new scheme for the future.)
By definition, public statements regarding security issues are suspect.
Re:Problems in M$ statement (Score:1)
Re:An Honest Question (Score:1)
Can it be broken? (Score:1)
Very interesting (Score:3)
---
Microsoft VBScript runtime error '800a000d'
Type mismatch: 'CInt'
/security/inc/scripts.txt, line 279
---
I don't know how anyone could argue with THAT.
Re:Backup key? -- No, really, they are right (Score:1)
Re:Problems in M$ statement (Score:1)
anyone with any sense keeps something as sensitive as a key for 80m machines in a tamperproof hardware device
I would even go further and say that the computer with this key is not only tamper proof, but has no way to get the key in or out of it. Imagine that you have a computer that will cryptographically sign whatever data you send to it over a serial line. It could also be prompted for its public key, and would return this to you, but under no circumstances would it divulge the private key.
This means no backup, no restore. When the system arrives, you plug it in and it uses some internally shielded noise source to generate its key. Any attempt to physically remove this key would result in the system clearing this memory.
NSA Key "unfortunate naming" (Score:1)
-Chris
Re:Problems in M$ statement (Score:3)
You need a backup (and I believe that the NSA requires it by law) so that if the first key ("key #1") needs to be revoked, you use the backup key to verify the new "key #1" that you receive.
Frankly, I'm seeing a lot of paranoid posts in this thread without a lot of thinking being done. If Microsoft wanted the NSA to have a backdoor, they could just give them a copy of their own private key -- they wouldn't need to write a special new one.
To put a compromised key on someone's system, you need to get administrator/root access. If someone gets administrator/root access on your box, they could do anything they damn well wanted to anyway, so what's the big deal?
Cheers,
ZicoKnows@hotmail.com
Followup (Score:1)
---
The page cannot be displayed
There is a problem with the page you are trying to reach and it cannot be
displayed.
Please try the following:
Click the Refresh button, or try again later.
Open the microsoft.com home page, and then look for links to the
information you
want.
HTTP 500.100 - Internal Server Error - ASP error
Internet Information Services
Technical Information (for support personnel)
Error Type:
Microsoft VBScript runtime (0x800A000D)
Type mismatch: 'CInt'
Browser Type:
Mozilla (X11; I; Linux 2.0.32 i586)
Page:
GET
Time:
Sunday, September 05, 1999, 7:45:07 AM
More information:
Microsoft Support
---
Seriously, anyone got a mirror without all the active server bullshit?
Oooops... (Score:1)
"... been suggested by the government, because we because we don't believe..."
Must be one of the Windows programmers...
Thats just swell (Score:1)
But they failed to mention whether it was possible to compromise windows security by replacing the backup key with your own. On the other hand, this is the first document I've ever seen from MS that doesn't contain snippets of propaganda everywhere.
I guess we know it's true (Score:1)
Microsoft VBScript runtime error '800a000d'
Type mismatch: 'CInt'
---
Put Hemos through English 101!
"An armed society is a polite society" -- Robert Heinlein
Re:depends on the meaning of words (Score:1)
The report alleges that a cryptographic key that ships as part of the CryptoAPI architecture is labeled "NSA key" and constitutes a "back door" that could be used by government agencies to start or stop system security services on user's computers.
**Note the above comment made by microsoft is very specific. To specific. Were it refers to start and stop security services is deceptive. Whith the key they may have it may totaly bypass the security. Does any one know this for sure?
Thanks Sherm
NDA with the NSA? (Score:1)
Possibly, Microsoft can not admit to having installed a backdoor simply because they are required so by law, and/or by a non disclosure agreement.
I know one thing, this smells fishy and just inforces my personal preference for Netscape or even better, open source Mozilla (btw, when will Mozilla finally give us the final gecko)?
Problems in M$ statement (Score:3)
b) If the 'NSAKEY' was really harmless, why did they in previous version remove the symbol for it (but not for the other key)?
Conspiracy Theory (Score:1)
Based on this line of reasoning, we could paint the following picture of the hypothesised cooperation between Microsoft and the NSA.
Don't you hope I'm wrong? It's just too sleazy for words.
I don't buy it (Score:3)
P.S. It's draconian for the NSA to limit what you could insert into an existing cryptogroaphy framework... even if that module is developed outside of the US! Pathetic.
P.S.S. I would have named such a key "Checkkey", "BackupKey", or something similar. NSAKey is simply too suggestive to even risk putting into a piece of code.
Re:Remember Key Escrow? (Score:1)
No matter what it looks like, there isn't a
Re:I don't buy it (Score:1)
And lets face it, its going to be much more fun
cracking these keys cf. the RSA des/RC5 chalenges.
Maybe the bovine lot would care to host such a distributed microsoft attack?
The keys are probberbly copywrite anyway (can you copywrite a key?).
Has anyone extracted the keys, are they plain old des/rc5 or are they something MS/odd?
Let's see the SOURCE!! (Score:2)
Re:Anyone buying this? (Score:1)
In the sentence "Microsoft does not leave 'back doors' in our products", the word "does" is the third person singular form of the verb "to do", whereas "our" refers to the first person plural.
Well, you did ask.
Re:Oh, so different from HedHat (Score:1)
broad disclaimers on their sites.
2) Specifically noted that it was a
boilerplate disclaimer.
3) Protecting oneself from random litigation
is reasonable. Making assertions about
how one treats customers and then
stating your assertions have no meaning
is simply amusing.
Re:die ms, die jarjar, just die everyone (Score:1)
Re:Backup key? -- With proper procedures (Score:1)
One could argue that if someone steals one piece of the key, this person would be able to eliminate all keys that don't have that piece from a brute force atack. To solve this, the key owner could create a simetric key to encript the backup key divide it and store it in pieces with the backup key, by doing this it makes harder for a person who steals one piece of the key to get info about the final key. Only when one steals all the pieces he would have the key to decript the backup key.
Since kripto-keys are basicly random numbers a force brute trying to decript onr piece of it would be useless, since the atacker won't have a way to check if the key is decriptet or not.
--
"take the red pill and you stay in wonderland and I'll show you how deep the rabitt hole goes"
Re:People, let's calm down (Score:1)
--
Cheers
Jon
Re:Not exactly so... (Score:1)
Re:Rather sloppy for M$ (Score:1)
You do realize that it's impossible to write a post criticizing someone else's use of language without misusing language yourself, right?
_NSAKEY? (Score:1)
Re:MS: "We do not share out keys with NSA..." (Score:1)
So what? Suppose the NSA did demand that Microsoft
surrender their keys? This has not appreciable
impact on the security of Microsoft's customers
whatsoever.
The crypto keys are purely signature keys used to
verify the authenticity of crypto modules loaded
into NT. They do not provide any access to
material encrypted with these modules.
I realy don't know what all the fuss is about. There
are enough genuine reasons to dislike MS products without having
to invent spurious ones based on a foolish and naive
missconception of the technology involved. I just damages the credibility
of 'the cause'. (however you define it)
Simon Hibbs
Nice Response (Score:1)
Secondly, how can we know the validity of their arguments? For an example one must merely take a look at BackOrifice [l0pht.com].
Once again I feel even more secure staying in my safe Linux environment, I have access to the code and that is great leap above and beyond anything that Microsoft can offer me.
Re:You don't make backups (Score:1)
It's patently obvious that the Microsoft response to these allegations doesn't cut the cheese. Why have a backup key if a backup copy of the original key would be just as easy to store?
Equally, arguments that say M$ has a second key in case of compromise of the first don't hold any water - why didn't microsoft just say this was the case?
The NSA's concern with information security is that everybody else's information may be too secure...hence the NSA_Key solution!
-Shane Stephens
Lets trust Microsoft. (Score:1)
Far be it from Microsoft to LIE or anything.
"Its not a car. It is merely a steerable metal box with four wheels and an engine, nothing more."
Bowie J. Poag
Re: "unsupported" browsers (Score:1)
so i wrote it and submitted.
but submission failed. it failed more than once. to be more precise, i tried 4 times and it failed 4 times. (error: Microsoft VBScript runtime error 'XXXXXXXX')
so i take action based on info from error page: go to another page and fill error report.
error report asked about lots of things but two of them were OS and BROWSER.
i happily fill them with "linux" and "netscape".
error form submission failed too. i tried 3 times.
then i "corrected" those two fields to "windows" and "explorer" and - surprise - error form worked!
after some time some person from MS tech-support contacted me. so i repeated my original reports about errors in their forms.
i received reply: linux is not supported by us
i tried 3 times to make argument that such errors are not related to my machine or browser (only in case theire scripts are handling such info and are handling it with less success - which is again not my fault).
i failed.
what's the point?r ver_eror-server_is_busy-...
maybe the only legitimate and truly meant "response" from microsoft is "runtime_error-we_do_not_support_that-internal_se
Why even care? (Score:1)
Re:NSA Key "unfortunate naming" (Score:2)
If MS used only one key, it would be impossible to change it when it was compromised, but with two, you could use one to change the other.
But as the press release pointed out, it is possable for anyone to change the key now. They gained nothing from two keys, but they enabled the installation of any unapproved crypto. All the installer needs to do is quietly patch over the second key. If there were only one key, it would be much harder.
Of course there is the maxim: "Never attribute to malice what can be explained by stupidity". In the case of MS and US govt. I can certainly buy the stupidity arguement.
Re:NSA Key "unfortunate naming" (Score:1)
Re:Believable? Nope. (Score:1)
Buffer Overflows are a result of a lack of bounds checking. This is a logic error. Logic errors are the one hardest error to detect in programming. The reason there are so many buffer overflows are because when you program, you dont
Buffer overflows could be avoided by using a language which has bounds checking built in.
- Aidan
When paranoia strikes... (Score:1)
http://ntbugtraq.ntad vice.com/default.asp?sid=1&pid=47&aid=52 [ntadvice.com] has a very reasonable outsider's perspective of what this issue is about.
Furthermore, there seems to be some confusion between CSP's and providers of authentication on NT. Assuming the worst possible case (e.g., the NSA can break everything encrypted via CryptoAPI), this has nothing to do with someone subverting LSA or kerberos and logging onto your system and reading or modifying your files.
In other words, you should really only be concerned if you're using the CryptoAPI to encrypt sensitive stuff. If you don't trust the CryptoAPI, then you can always use something unrelated, like PGP. But if your paranoia level is that high, then maybe even PGP has "backdoors" that you're unaware of...
Re:Umm.... it might as well be an NSA key.... (Score:1)
And while we are at it, what possible reason could be cited for the need to have this Key? It's not used to encrypt anything, just to verify the validity of an encription module.
MSFT's disclaimer - the fine print (Score:1)
the bottom of their comment on the
alleged backdoor, it is hard to
take anything they say seriously.
For those who didn't read the small
print, here it is:
September 03, 1999: Bulletin Created.
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
Now, this does read like standard lawyer
CYA BS, but when they're telling you to
trust them and following the statement
with an overarching disclaimer...well,
I don't have to be a crypto expert to
know *my* security is best served elsewhere.
Re:They be truthin' yous (Score:1)
Moft? flaky grammar? (Score:1)
Re:Once and for all - not a back door. (Score:1)
But verifying and executing are two very different things. If you don't install it it won't run.
A secondary bit of interest in that... (Score:1)
I remember this delay, and I don't remember Sun ever mentioning it was due to NSA related issues... which is fine, but what I do remember is that MS drug them through the mud over the delay!
Now, considering how everyone in the these circles usually knows what's happening to everyone else involved, I would say that it's a good bet that MS knew the real reason behind this delay, and knew that Sun wouldn't say anything, and took the opportunity to kick an opponent when he's down (not like they don't always do this), but somehow this BS from MS, never ceases to amaze me...
Sigh and yawn...
I see now (Score:1)
Re:An Honest Question (Score:1)
Re:deactivated... (Score:1)
Ever hear of offsite backups? Or commerical key escrow? Or n of m data splitting techniques?
Either (1) this is an outright lie, or (2) Micro$oft doesn't know how to manage critical data. (And that's not an exclusive or.)
Nonsense. Really. (Score:1)
The first thing that occurred to me (and others in this thread) was that you need only make copies of the key to safeguard against its loss.
Does it really seem likely that Microsoft has only one copy of a key on which their software depends? Not bloody likely. There must be redundant backups. Furthermore the key is probably not stored exclusively in some super-secret place; they need it to generate new builds, a process done on a daily basis. That means that the release engineering team has access to it and you can bet that they're not walking over to some ultra-secret building with the build bits every day.
It makes sense to have a developer key (though it should really only be used in internal builds), but the only way it makes sense to have a second production key is if it belongs to a second party. There is no additional security provided by having a second key that wouldn't be provided by having backup copies of the first key. In fact, it's more secure since two keys gives you twice the targets in a brute-force search for the private key.
So: I think we can take Microsoft's response as being pure bullshit. So why is the key really there?
Consider this new evidence in light of the recent request by the DOJ [yahoo.com] for the rights to surreptitiously monitor your computer system given a sealed warrant. Well, that key would make it a hell of a lot easier to insert evesdropping hooks, wouldn't it?
Now, aside from not being all that keen on companies selling my personal information all the time I'm not much in the way of a privacy nut. If they want to monitor my system, hey, it's their time and energy to waste. But don't ask me to believe bullshit "backup key" arguments. It ain't so, and you're insulting me by suggesting it is.
That key is there at the request of the US government, you can bet your last dollar on that. It gives them the ability to drop in a bug that can monitor any data manipulated via the crypto API. This is a better technological solution than key-escrow.
Now here's the way you can use this in your favor: build a software package that checks the signature of the crypto API against the different keys. If you have one that verifies against the so-named NSA key then you're not using the stock Microsoft package anymore. And wouldn't that be interesting?
Re:seems to me they admit it (Score:1)
On the other hand, there are plenty of easter eggs (up to entire litte game engines) inside the code for M$ products. This shows that it is possible for the M$ developers to hide significant portions of code from their management. So there is no technical but rather an ethical restriction on how malicious hidden code inside Windows can be.
Ergo, if there's enough really pissed developers who gather and introduce a backdoor into Windows, it could be possible.
Hey, wouldn't that be something? Let yourself be hired by Microsoft, gather the illoyal employees around you and ruin the product!
You can't ever be too paranoid (Score:1)
European gov't complains about (and reveals the existance of) Echelon - a keyword scanning station.
In marrying those two, you end up with very impressive domestic surveilance capabilities. Agents no longer need to actually "listen" in on phonecalls that may or may not be deemed suspicious, as Echelon can monitor telephone, fax, email, etc... Probably merge all those results together and give a very detailed account of people, based on their insecure communications.
Nice typos (Score:1)
Re:So... you think Microsoft SHOULD break the law? (Score:1)
Re:They be truthin' yous (Score:1)
Threshold problem & key backups (Score:3)
That means that MS could take their primary key, apply a (7,4) algorithm on it, then put the pieces in a safe deposit box in Seattle, New York, LA, Boston, Atlanta, Denver, and Calgary. Any four pieces are enough to reconstruct their private key.
If four of those keys are unavailable at the same time, then Microsoft losing its private key will be among the least of our problems. No pair of cities, except Boston & NY, are within 1000 miles of the others so only an "extinction level event" would take them all out at the same time.
Conclusion: MS is blowing smoke. Either they're totally incompetent, they're lying, or they have a profound breakdown in internal communications. (The same options apply to the "advanced web programming" (HTML forms) comment regarding the hotmail fiasco.)
Re:Very interesting (Score:1)
Re:Problems in M$ statement (Score:1)
Come on... Required by law? (Score:1)
I can see why Microsoft would want to do this, so they don't have to spend millions on a worldwide upgrade of all windows systems (like the Pentium bug), but why would this be required by law? There is no element of "national security" of any interest to the NSA in this, unless there's something Microsoft is not telling us.
We probably found something, but it isn't what we think it is, so Microsoft is trying to create a diversion so put us off track by pretending the key is only used for CryptAPI, when really it is being used for other things as well. Someone should really see what else this key can be used for.
--------
"I already have all the latest software."
Cool! (Score:1)
I've got my very own stalker! I finally hit the big-time, ma!
Cheers,
ZicoKnows@hotmail.com
All modules are a security risk. (Score:1)
I could write a module that, when fncDo_crypt function is called, spawns a (hidden) remote-access server that allows me to control the computer, access files, etc. If MS (or the NSA) signs it, I have access to everyone's computers (and I can flag the most sensitive data - the stuff that was supposed to get encrypted).
Don't trust MS crypto, nor even PGP (it's proprietary, though I guess it's better than MS-CruftAPI), but only OSI-Certified OSS alternatives, such as GnuPG.
'Nuff Said.
--------
"I already have all the latest software."
Whether its true or false... (Score:1)
any version of Windows as my primary home OS.
No matter what MS say, how will anyone know for sure whether what they say is true or not? The only OS you can truly trust is one that gives you its source code...
Another proof for that (Score:3)
Friday, our Japanese participants discover that a computer on their company network has been cracked into, one very secure Linux box running only SSH and Apache 1.3.4. Now this would definitely send a chill up your spine if you knew just how fanatic our friends are when it comes to network security. Furthermore, they only detected the intrusion three days after the fact, which is unbelievable when you consider the insane monitoring levels they've been keeping since they agreed to participate in the scan. They would have noticed any funny stuff, and in fact, they did, lots of it, but none of which came close enough to a security breach to raise any alarms.
[..]
The attacker knows the employee's username and password and is even connecting through the employee's Japanese ISP on the employee's account! (the phone company identified this was an untraceable overseas caller)
This information could not have been sniffed, since network services are only provided over encrypted SSH sessions.
Further investigation shows that this employee's personal NT box, connected over a dynamic dailup connection, had been cracked into 4 days earlier.
[..]
How the NT box was cracked into in the first place is still a mystery. The logs weren't helpful (surprise! surprise!) and the only way we were even able to confirm this had happened was by putting a sniff on the NT's traffic (following a hunch) and catching those sneaky packets redhanded, transmitting our SSH identification down under.
Hmmm...
There's another point: (Score:1)
How long before we see a trojaned CAPI with an installer that replaces the backup key? While there is potential for abuse by law enforcement, there is also *significant* risk of key compromise by third parties as well.
Where would you like your keys to go today?
An Honest Question (Score:1)
It is (Score:1)
--------
"I already have all the latest software."
They just won't admit it... (Score:3)
I guess their explaination could be true, but I would still feel a bit nervous about using Windows after reading this. Fortunately this issue doesn't concern me. :-)
TedC
Re:Backup key? -- No, really, they are right (Score:1)
This even isn't worth arguing since this key isn't just a use once signature. Any new cyrpto packages approved by Microsoft has to be signed, meaning that somebody (or some group) has this key and is using it on a semi-regular basis. With Microsoft I doubt this person walks into the basement with retna scanners, multiple ID checks, and armed guards. Instead they login to the corporate NT domain server to access it.
They be truthin' yous (Score:1)
"We do not share them with any third party, including the National Security Agency or any other government agency."
One would be deluding one's self if it were thought that Microsoft doesn't have senior level programmers, product managers, etc., on the payroll of the NSA. Microsoft is too big and too important for that not to be the case. Similar things occur in places like GE and Boeing (for perhaps more obvious reasons), and you can bet that MS is in the same boat.
That said, it is *extremely* doubtful that MS would have allowed this oversight to escape if the key had actually been a 'backdoor'. More likely they are telling the truth in this case.
an authoritative opinion (Score:1)
http://www.counterpane.com/nsakey.html
seriously though (Score:1)
You don't think M$ has a little hidden entrance for itself on top of that? I know it may seem a bit conspiratorial but you have to take into consideration the mindset of this company, basically absolutely ruthless. They'll do anything they have to in order to get ahead of the game, including in this case selling out their customer's security options just so they can sell overseas..
Now I realize I use M$ products for the time being but their policies I do not agree with at all. As for this hype, ask yourself are you genuinely surpised to find that it exists? This person isn't.
toufic
Re:Believable? Nope. (Score:1)
Backup key? Yeah, right! (Score:3)
Hands up everybody who believes Microsoft's explanation? Nobody? No, I didn't think so.
As if MS reply mattered. (Score:1)
Everyone seems to be focusing on Microsoft, but anyone who has read a Tom Clancy novel knows that the NSA will tell MS to lie about it until the day the company goes bankrupt.
If the NSA says it is a matter of national security, then MS will deny any thoughts of ever considering an NSA back door, whether it is there or not. You could have 12 memos from MS VP's and 5 from the NSA that discuss standards for the NSA key and encryption algorithms, but MS would deny it till their servers are cracked and brought down, then go on denying the problem.
It isn't really MS's fault. They probably don't have a choice.
Why do you think open source advocates are painted in such a poor light. Someody out there wants open source advocates to look like extremists and conspiracy hunters. If you want people to believe your story, discredit your opponents.
I doubt MS let the NSA have a back door just becase they thought it would be fun. Chances are someone told somebody else to do it. MS is just the pawn here.
Re:NSA Key "unfortunate naming" (Score:2)
Well sure there is, if we could reverse engineer it back to source code, put out own key in it, recompile, then try to break in using that key. Only problem is the legallity of such an action, not the mention the difficulty in successfully recompling it. It would still be arguable either way afterwards.
This is a fiasco (Score:2)
Frankly, I mistrust the freely available download to patch the bug more than I mistrust Microsoft's response. What a great way to fool people into downloading a virus: Call it patch!
Ofcourse it is true: MS does have a back door in Windows, it's called "ActiveX" or "Microsoft Office"
Re:Problems in M$ statement (Score:2)
Although as easy as it is to hack into MS systems, I suppose the NSA key might rather be for NSA internal usage; that way they could sign crypto modules that they dont want anyone else to see.
More Lies from Redmond (Score:2)
Of course they've left a backdoor open for the government; it's all part of their negotiations with the DOJ: They've been given the green light to secure a monopoly so long as the government is allowed to access each and every computer that has installed Windows.
It's so painfully obvious that it pisses me off when people try to refute it. The government is *counting* on your passivity!
Re:Believable? Nope. (Score:2)
It's not like buffer overflows are a new thing in the world. Couldn't all the standard components that ship with Linux be audited and fixed once, and stay fixed thereafter?
On why two keys... (Score:2)
What I can say about it is that, for higher security, you don't usually make copies of the private key, even if possible. I won't enter the details of it, but put simply: how much would you trust a key that you can make copies of?
More to it: in high end security solutions the key is held in hardware, be it a smartcard or a more complex CA card or box. This pieces of hardware are initialized and they keep the key in such a way that is, virtually, impossible to copy out of it.
The bugger being: you loose the card, you loose the key. I even understand the double key, giving them a backup plan in case the first key is lost, and I see nothing wrong with it.
There is a problem in all this, and Microsoft didn't answer that bit, the most important bit of the issue: if it's so easy to change one of the trusted keys, as the original article showed, how can we trust the crypto units "certified" by Microsoft?
An scenario could be the following: Eve wants to see what's going on between Bill and Laura, ships to them bot a piece of software "signed by Microsoft", this piece of software, during the installation, changes the backup key to a key known by Eve, and installs the evil CAPI that makes a copy of all the communication going on between Bill and Laura, encrypts it with the public key of EVE and sends it to her.
Do you see the hole?
A smile,
Fabio
Re:The penguin who cried wolf?. (Score:2)
I would have said, "Even if MS is telling the truth (for a change), no one would believe it."
> People (mostly the Linux community) have cried wolf way to many times.
Heh. MS cries "wolf" regularly in the form of vaporware announcements, and a few people still seem to believe them.
> At this point everyone just assumes you are lying in order to promote your agenda.
I'm not so sure the story started among Linux advocates, and I know Linux advocates aren't the only ones raising the alarm.
And besides, what kind of agenda are we supposed to expect from Microsoft? They'd give use the same denial whether they were guilty or not. Their disclaimer proves nothing. Being utterly predictable, it was information-free.
If they do happen to be in the right (for a change), it would be no more than poetic justice to have them suffer a customer revolt based on misinformation. What goes around comes around, and all that.
Re:Believable? Nope. (Score:2)
Text of Microsoft's response (Score:3)
There is no "Back Door" in Windows
Originally Posted: September 03, 1999
Summary
A report alleges that Microsoft "may have installed a 'back door' for the National Security Agency... making it orders of magnitude easier for the US government to access their computers". This allegation is false.
What's the allegation?
The report alleges that a cryptographic key that ships as part of the CryptoAPI architecture is labeled "NSA key" and constitutes a "back door" that could be used by government agencies to start or stop system security services on user's computers.
Is the allegation true?
No. Microsoft does not leave "back doors" in our products. This is in keeping with our historical stance on this issue. For instance, we have opposed the various key escrow proposals that have been suggested by the government, because we because we don't believe they are in the best interests of consumers or the industry.
Are there two keys?
Yes. However, both are Microsoft keys. We do not share them with any third party, including the National Security Agency or any other government agency.
What's CryptoAPI?
CryptoAPI is a Microsoft technology for providing cryptographic services. Vendors can develop stand-alone cryptographic modules called Cryptographic Service Providers (CSPs), which can then be called by any program via the CryptoAPI interface. For more information on CryptoAPI, see http://www.microsoft.com/security/tech/cryptoapi/
What are the keys in question?
The keys are used to verify the digital signatures on CSPs.
Why do CSPs have to be signed? And why by Microsoft?
CryptoAPI is subject US export laws regarding cryptography. One element of this requires Microsoft to ensure that CryptoAPI will only load CSPs that meet US cryptographic export laws. This is done by digitally signing all CSPs. Before it loads a CSP, CryptoAPI verifies that the CSP has been digitally signed. Part of Microsoft's responsibility as the vendor for CryptoAPI is to sign the CSPs.
When a vendor has a new CSP that they want to release, they submit it for signing and show that all export licensing has been received. Microsoft then digitally signs the CSP, and it can thereafter be used by CryptoAPI.
Why are there two keys?
There is a primary and a backup key.
Why is a backup key needed?
The backup key is needed for disaster recovery. To see why, suppose we had only one signing key. If a natural disaster destroyed the building in which it were kept, all of the previously-signed CSPs would continue to function normally, because the key used for verification exists in every copy of Windows. However, Microsoft would need to sign future CSPs using a new key. In order for these CSPs to be verified, matching key material would need to be provided to all of the millions of customers using Windows 95, 98 and Windows NT. Clearly, this would be a massive undertaking.
This is why there are two keys. If something befell the primary key, Microsoft could thereafter sign CSPs using the backup key. Because the backup is already in every copy of Windows, there would be no disruption to customers.
Why the backup key labeled "NSA key"?
This is simply an unfortunate name. The NSA performs the technical review for all US cryptographic export requests. The keys in question are the ones that allow us to ensure compliance with the NSA's technical review. Therefore, they came to known within Microsoft as "the NSA keys", and this name was included in the symbol information for one of the keys. However, Microsoft holds these keys and does not share them with anyone, including the NSA.
I heard that there is a third key in Windows 2000. Is this true?
There is a third key present in the beta versions of Windows 2000, but it does not provide a "back door". It is simply a test key that allows the developers to sign test CSPs while Windows 2000 is under development. It will not be present in the production version of Windows 2000.
Does this have any effect on CryptoAPI's compliance with US export law?
No. The CryptoAPI architecture is fully compliant with US export law.
Revisions September 03, 1999: Bulletin Created.
-----------------------------------------------
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
© 1999 Microsoft Corporation. All rights reserved.
deactivated... (Score:2)
now, how could anyone refuse?
incidentally, this has accidentally been through both a mac and a linux box since leaving ms, and is therefore highly offensive to every single person who reads /. Handle with care.
Microsoft Security BulletinThere is no "Back Door" in Windows
Originally Posted: September 03, 1999
Summary
A report alleges that Microsoft "may have installed a 'back door' for the National Security Agency... making it orders of magnitude easier for the US government to access their computers". This allegation is false.
What's the allegation?
The report alleges that a cryptographic key that ships as part of the CryptoAPI architecture is labeled "NSA key" and constitutes a "back door" that could be used by government agencies to start or stop system security services on user's computers.
Is the allegation true?
No. Microsoft does not leave "back doors" in our products. This is in keeping with our historical stance on this issue. For instance, we have opposed the various key escrow proposals that have been suggested by the government, because we because we don't believe they are in the best interests of consumers or the industry.
Are there two keys?
Yes. However, both are Microsoft keys. We do not share them with any third party, including the National Security Agency or any other government agency.
What's CryptoAPI?
CryptoAPI is a Microsoft technology for providing cryptographic services. Vendors can develop stand-alone cryptographic modules called Cryptographic Service Providers (CSPs), which can then be called by any program via the CryptoAPI interface. For more information on CryptoAPI, see http://www.microsof t.com/security/tech/cryptoapi/default.asp [microsoft.com].
What are the keys in question?
The keys are used to verify the digital signatures on CSPs.
Why do CSPs have to be signed? And why by Microsoft?
CryptoAPI is subject US export laws regarding cryptography. One element of this requires Microsoft to ensure that CryptoAPI will only load CSPs that meet US cryptographic export laws. This is done by digitally signing all CSPs. Before it loads a CSP, CryptoAPI verifies that the CSP has been digitally signed. Part of Microsoft's responsibility as the vendor for CryptoAPI is to sign the CSPs.
When a vendor has a new CSP that they want to release, they submit it for signing and show that all export licensing has been received. Microsoft then digitally signs the CSP, and it can thereafter be used by CryptoAPI.
Why are there two keys?
There is a primary and a backup key.
Why is a backup key needed?
The backup key is needed for disaster recovery. To see why, suppose we had only one signing key. If a natural disaster destroyed the building in which it were kept, all of the previously-signed CSPs would continue to function normally, because the key used for verification exists in every copy of Windows. However, Microsoft would need to sign future CSPs using a new key. In order for these CSPs to be verified, matching key material would need to be provided to all of the millions of customers using Windows95, 98 and WindowsNT. Clearly, this would be a massive undertaking.
This is why there are two keys. If something befell the primary key, Microsoft could thereafter sign CSPs using the backup key. Because the backup is already in every copy of Windows, there would be no disruption to customers.
Why the backup key labeled "NSA key"?
This is simply an unfortunate name. The NSA performs the technical review for all US cryptographic export requests. The keys in question are the ones that allow us to ensure compliance with the NSA's technical review. Therefore, they came to known within Microsoft as "the NSA keys", and this name was included in the symbol information for one of the keys. However, Microsoft holds these keys and does not share them with anyone, including the NSA.
I heard that there is a third key in Windows2000. Is this true?
There is a third key present in the beta versions of Windows2000, but it does not provide a "back door". It is simply a test key that allows the developers to sign test CSPs while Windows2000 is under development. It will not be present in the production version of Windows2000.
Does this have any effect on CryptoAPI's compliance with US export law?
No. The CryptoAPI architecture is fully compliant with US export law.
Re:2.0.32??? (Score:3)
No, I got the same page, yet the IIS scripts claim I have 2.0.32, not one of the 2.2 kernels. Why they don't just write a page and post it with a simple link is befond me. They must have a network of scripts to spin every document that comes out of that place.
Its like they are trying to automate thier PR department by scripting. I'm waiting for someone to come up with a Microsoft PR generator page so anyone can create hype with a spin on the fly.
Re:Believable? Nope. (Score:2)
Yeah we all know how immune linux is to those.
Re:Once and for all - not a back door. (Score:2)
Re:I don't buy it (Score:2)
Of course, it would be asinine to store only one copy of each key.
So, in short, having two keys allows:
1. No increase in security or reliability
2. An increased likelyhood of the key being cracked by brute force.
-----
Re:Once and for all - not a back door. (Score:2)
The proposed law would allow LEAs (with a proper warrant) to break onto the suspect's premises and somehow install software to surrepticiously disable passwords, encryption, etc., providing LE with full, ongoing access to all data and communications.
When I first read about this proposal, it didn't make much sense; wouldn't LE need to break any existing security first, before installing their "backdoored" version?
Now it all makes sense. At least in the case of Windoze, the backdoor is already there, specifically a mechanism that allows anyone to "sigh in" a modified version of whatever security module is desired.
Each event, viewed separately, is disturbing. Together, they're horrifying.
uhm, cant be quit the blind flame-MS kiddiness? (Score:2)
Now they give a fairly detailed explanation that - to me (although I admit to not knowing crypto stuff) - seems to make some sense and be quite believable.
Instantly
OK, some of the posts I read gave decent, thought out critiques to suggest the statement was fishy. But a whole lot more of them smack of the sadly very-common attitude of some
Hardware keys are different (Score:3)
Assuming MS uses one of the latter, having a "hot spare" might make sense...
... except, as the BUGTRAQ article notes, Microsoft's explanation still makes absolutely no sense. There's no apparent key hierarchy (isn't the crypto key signed by a master MS key?), there's no apparent rollover mechanism, and there's the insane assumption that there can only be one major physical disaster befall Microsoft. That's crazy; during the World Trade Center bombing at least one company had lost both primary and backup sites!
Ironically, I find this makes MS's story seem *more* likely. The corporate culture is notorious for its "performance is not my problem; computers will be faster next month" mentality, and this ill-informed, brute force way of dealing with the subtle issues of key management matchs that culture!
seems to me they admit it (Score:2)
But I'd ask the more general question: why does this surprise anyone? NT is not an open source product. It would be easy for any developer on the project to slip in a backdoor. Based on experience with other large software systems, I'd expect there to be dozens of backdoors in NT system and applications software. I wouldn't trust NT security further than I can throw a year's worth of MSDN CD's and documentation.
Re:Problems in M$ statement (Score:2)
b) I guess some bozo at M$ just forgot to strip the release executables, nothing more.
--